The risk appears remote, but this type of memory corruption could potentially be used by an attacker to run arbitrary code including the installation of malware.
A remote attacker may be able to run code of their choosing on an affected system. The attacker-supplied code would be executed with the permissions of the user running the vulnerable program.
Thanks to Mozilla Foundation Security Advisory for reporting this vulnerability. The Mozilla Foundation, in turn, credits Igor Bukanov with reporting this issue to them.
This document was written by Chad Dougherty based upon information supplied by the Mozilla Foundation.
|Date First Published:||2006-04-17|
|Date Last Updated:||2006-04-17 16:16 UTC|