Overview
Mozilla products fail to properly handle frame or window references. This may allow a remote attacker to execute arbitrary code on a vulnerable system.
Description
JavaScript references are not properly cleared after an object is deleted. An attacker may be able to use the reference to a deleted object to execute arbitrary code on a vulnerable system. According to the Mozilla Foundation Security Advisory 2006-044, versions of Mozilla Firefox prior to 1.5 and the Mozilla Suite are not affected by this vulnerability. |
Impact
A remote, unauthenticated attacker could execute code with the privileges of the user running the Mozilla-based web browser. |
Solution
Apply an update |
|
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
- http://www.mozilla.org/security/announce/2006/mfsa2006-44.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=338288
- http://secunia.com/advisories/19873/
- http://secunia.com/advisories/21216/
- http://secunia.com/advisories/21229/
- http://secunia.com/advisories/21228/
- http://www.securityfocus.com/bid/19181
Acknowledgements
This vulnerability was reported by the Mozilla Foundation, who in turn credit Thilo Germann.
This document was written by Ryan Giobbi.
Other Information
| CVE IDs: | CVE-2006-3801 |
| Severity Metric: | 8.35 |
| Date Public: | 2006-07-25 |
| Date First Published: | 2006-07-27 |
| Date Last Updated: | 2007-02-09 14:03 UTC |
| Document Revision: | 18 |