CVE-2006-2779

Priority
Description
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to
cause a denial of service (crash) and possibly execute arbitrary code via
(1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation
event, (3) "Content-implemented tree views," (4) BoxObjects, (5) the XBL
implementation, (6) an iframe that attempts to remove itself, which leads
to memory corruption.
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-03-19 11:39:15 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)