Lookup for vulnerabilities affecting packages.
| Vulnerability_id | VCID-2sdu-6918-myba |
|---|
| Summary | Garbage collection hazards have been found in the JavaScript
engine where some routines used temporary variables
that were not properly protected (rooted). Specially crafted objects
could contain a user-defined method that would be called during
the lifetime of these temporaries. If this method triggered
garbage collection the engine would operate on the unexpectedly freed
temporary object when it returned from the user-defined routine.The risk appears remote, but this type of memory corruption could
potentially be used by an attacker to run arbitrary code.CVE-2006-0293 was introduced during Firefox 1.5 development and does not
affect Firefox 1.0. CVE-2006-0292 affects all versions of Firefox.Thunderbird shares the JavaScript engine with Firefox
and could be vulnerable if JavaScript is enabled in mail. This is not
the default setting; we strongly discourage users from running
JavaScript in mail.Update (13 April 2006)
This flaw has been fixed in Thunderbird 1.5.0.2Updated versions of Firefox 1.0, Thunderbird 1.0, and the Mozilla Suite 1.7
have been released containing this fix. |
|---|
| Aliases |
|
|---|
| Fixed_packages |
|
|---|
| Affected_packages |
|
|---|
| References |
|
|---|
| Weaknesses |
|
|---|
| Exploits |
|
|---|
| Severity_range_score | null |
|---|
| Exploitability | null |
|---|
| Weighted_severity | null |
|---|
| Risk_score | null |
|---|
| Resource_url | http://public2.vulnerablecode.io/vulnerabilities/VCID-2sdu-6918-myba |
|---|