7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.963 High
EPSS
Percentile
99.4%
Mozilla is an open source Web browser, advanced email and newsgroup client,
IRC chat client, and HTML editor.
Igor Bukanov discovered a bug in the way Mozilla’s Javascript interpreter
dereferences objects. If a user visits a malicious web page, Mozilla could
crash or execute arbitrary code as the user running Mozilla. The Common
Vulnerabilities and Exposures project assigned the name CVE-2006-0292 to
this issue.
moz_bug_r_a4 discovered a bug in Mozilla’s XULDocument.persist() function.
A malicious web page could inject arbitrary RDF data into a user’s
localstore.rdf file, which can cause Mozilla to execute arbitrary
javascript when a user runs Mozilla. (CVE-2006-0296)
A denial of service bug was found in the way Mozilla saves history
information. If a user visits a web page with a very long title, it is
possible Mozilla will crash or take a very long time the next time it is
run. (CVE-2005-4134)
Note that the Red Hat Enterprise Linux 3 packages also fix a bug when
using XSLT to transform documents. Passing DOM Nodes as parameters to
functions expecting an xsl:param could cause Mozilla to throw an exception.
Users of Mozilla are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | mozilla-nss | < 1.7.12-1.1.2.3 | mozilla-nss-1.7.12-1.1.2.3.ia64.rpm |
RedHat | any | i386 | mozilla-nss-devel | < 1.7.12-1.4.2 | mozilla-nss-devel-1.7.12-1.4.2.i386.rpm |
RedHat | any | i386 | mozilla-js-debugger | < 1.7.12-1.4.2 | mozilla-js-debugger-1.7.12-1.4.2.i386.rpm |
RedHat | any | ppc | mozilla-js-debugger | < 1.7.12-1.4.2 | mozilla-js-debugger-1.7.12-1.4.2.ppc.rpm |
RedHat | any | i386 | mozilla-nss | < 1.7.12-1.1.2.3 | mozilla-nss-1.7.12-1.1.2.3.i386.rpm |
RedHat | any | i386 | mozilla-devel | < 1.7.12-1.1.3.4 | mozilla-devel-1.7.12-1.1.3.4.i386.rpm |
RedHat | any | s390 | mozilla-chat | < 1.7.12-1.1.3.4 | mozilla-chat-1.7.12-1.1.3.4.s390.rpm |
RedHat | any | s390x | mozilla-devel | < 1.7.12-1.1.3.4 | mozilla-devel-1.7.12-1.1.3.4.s390x.rpm |
RedHat | any | s390 | mozilla-js-debugger | < 1.7.12-1.4.2 | mozilla-js-debugger-1.7.12-1.4.2.s390.rpm |
RedHat | any | i386 | mozilla-chat | < 1.7.12-1.4.2 | mozilla-chat-1.7.12-1.4.2.i386.rpm |