CVE-2006-1993

Priority
Description
Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote
attackers to cause a denial of service and possibly execute arbitrary code
via certain Javascript that is not properly handled by the
contentWindow.focus method in an iframe, which causes a reference to a
deleted controller context object. NOTE: this was originally claimed to be
a buffer overflow in (1) js320.dll and (2) xpcom_core.dll, but the vendor
disputes this claim.
Notes
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2020-03-18 21:52:45 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)