X

The Third Party Vulnerability Resolution Blog covers CVEs and patches in Systems product suite.

Sun Alert 102865 Security Vulnerability in Mozilla 1.7 JavaScript Engine for Solaris

Guest Author
Product: Mozilla v1.7, Solaris 9 Operating System, Solaris 10 Operating System, Solaris 8 Operating System

A security vulnerability related to untimely "garbage collection" in Mozilla 1.7 for Solaris 8, 9 and 10 may result in the deletion of a temporary object that was in active use. This may allow a remote unprivileged user to run arbitrary code with the privileges of the user running Mozilla or create a Denial of Service (DoS) condition.

This issue is described in the following documents:

http://www.mozilla.org/security/announce/mfsa2006-50.html

CVE-2006-3805 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-3805

CERT VU# 876420 at http://www.kb.cert.org/vuls/id/876420

Avoidance: Patch
State: Resolved
First released: 30-Mar-2007

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.