Debian DSA-1160-2 Critical: Remote Code Execution in Mozilla
debian
September 15, 2006
The latest security updates of Mozilla introduced a regression that led to a disfunctional attachment panel which warrants a correction to fix this issue
Summary
CVE-2006-2779
Mozilla team members discovered several crashes during testing of
the browser engine showing evidence of memory corruption which may
also lead to the execution of arbitrary code. The last bit of
this problem will be corrected with the next update. You can
prevent any trouble by disabling Javascript. [MFSA-2006-32]
CVE-2006-3805
The Javascript engine might allow remote attackers to execute
arbitrary code. [MFSA-2006-50]
CVE-2006-3806
Multiple integer overflows in the Javascript engine might allow
remote attackers to execute arbitrary code. [MFSA-2006-50]
CVE-2006-3807
Specially crafted Javascript allows remote attackers to execute
arbitrary code. [MFSA-2006-51]
CVE-2006-3808
Remote AutoConfig (PAC) servers could execute code with elevated
privileges via a specially crafted PAC script. [MFSA-2006-52]
CVE-2006-3809
Scripts with the UniversalBrowserRead privil...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!