Mozilla XML.prototype.hasOwnProperty() method memory corruption vulnerability

Overview

Mozilla products fail to properly handle the XML.prototype.hasOwnProperty() method. This vulnerability may allow a remote attacker execute arbitrary code.

Description

The ECMAScript for XML (E4X) Specification defines the XML.prototype.hasOwnProperty() as a JavaScript method used to determine if an object contains a specific property. Mozilla products fail to properly handle the XML.prototype.hasOwnProperty() method, which can lead to memory corruption.

For more information refer to Mozilla Foundation Security Advisory 2006-65.

---

Impact

A remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. The attacker could also cause the vulnerable application to crash.

---

Solution

Apply an update

According to the Mozilla Foundation Security Update 2006-65, this vulnerability is addressed in Firefox 1.5.0.8, Thunderbird 1.5.0.8, and SeaMonkey 1.0.6.

Note that according to Mozilla:

Firefox 1.5.0.x will be maintained with security and stability updates until April 24, 2007. All users are strongly encouraged to upgrade to Firefox 2.

---

Disable JavaScript

This vulnerability can be mitigated by disabling JavaScript.

---

Vendor Information

815432

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Mozilla __ Affected

Updated: November 08, 2006

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Refer to <http://www.mozilla.org/security/announce/2006/mfsa2006-65.html&gt;.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23815432 Feedback>).

CVSS Metrics

Group	Score	Vector
Base
Temporal
Environmental

References

• <https://bugzilla.mozilla.org/show_bug.cgi?id=355569&gt;
• <http://www.mozilla.org/security/announce/2006/mfsa2006-65.html&gt;
• <http://www.mozilla.org/js/language/ECMA-357.pdf&gt;
• <http://www.mozilla.com/en-US/firefox/releases/1.5.0.8.html&gt;
• <http://www.mozilla.com/thunderbird/releases/1.5.0.8.html&gt;
• <http://www.mozilla.org/projects/seamonkey/&gt;
• <http://www.mozilla.com/en-US/firefox/&gt;
• <http://secunia.com/advisories/22929/&gt;
• <http://secunia.com/advisories/22980/&gt;
• <http://secunia.com/advisories/23013/&gt;
• <http://secunia.com/advisories/22763/&gt;
• <http://secunia.com/advisories/23009/&gt;
• <http://secunia.com/advisories/22815/&gt;
• <http://secunia.com/advisories/22727/&gt;
• <http://secunia.com/advisories/22770/&gt;
• <http://secunia.com/advisories/22722/&gt;

Acknowledgements

This vulnerability was reported in Mozilla Foundation Security Advisory 2006-65. Mozilla credits shutdown for providing information concerning this issue.

This document was written by Jeff Gennari.

Other Information

CVE IDs:	CVE-2006-5747
Severity Metric:	14.45 Date Public: