A number of memory corruption vulnerabilities have been found in the Mozilla application which may allow a remote user who is able to create a web page which is visited by a local user using the Mozilla browser, or who sends a specially crafted email that is read by a local user using Mozilla, to either cause the Mozilla application to crash or execute arbitrary code with the privileges of the user running Mozilla.
The ability of a remote user to cause the Mozilla application to crash is a type of Denial of Service (DoS).
The following Mozilla advisory describes ten separate memory corruption issues:
This Sun Alert corresponds to four of the issues described in the Mozilla advisory above:
Memory corruption involving BoxObjects (Neil Rashbrook):
Memory corruption involving BoxObjects (Boris Zbarsky):
Potential integer overflow in jsstr tagify (Georgi Guninski):
Content-implemented tree views can corrupt memory (Boris Zbarsky):
CVE-2006-2779 describes nine of the ten issues documented in Mozilla advisory MFSA 2006-32 which includes the above issues 329219, 326931, and 326501.
CVE-2006-2780 describes the tenth issue documented in Mozilla advisory MFSA 2006-32, the integer overflow in the jsstr tagify, 335535.
CERT VU#466673 references all ten issues described in Mozilla advisory MFSA 2006-32.