CSS Letter-Spacing Heap Overflow Vulnerability
Gravedad: Bajo
Identificadores de CVE : CVE-2006-1730
Fecha recomendada: 11 de febrero de 2011
Descripción
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow.
Revelación de la información
Fixed in: Firefox 1.5.0.2, Firefox 1.0.8, Thunderbird 1.5.0.2, Thunderbird 1.0.8, SeaMonkey 1.0.1, Mozilla Suite 1.7.13
Soluciones
Trend Micro Deep Security DPI Rule Number: 1000757
Trend Micro Deep Security DPI Rule Name: 1000757 - CSS Letter-Spacing Heap Overflow Vulnerability
Software y versión afectados
- Mozilla Firefox 1.0
- Mozilla Firefox 1.0.1
- Mozilla Firefox 1.0.2
- Mozilla Firefox 1.0.3
- Mozilla Firefox 1.0.4
- Mozilla Firefox 1.0.5
- Mozilla Firefox 1.0.6
- Mozilla Firefox 1.0.7
- Mozilla Firefox 1.5
- Mozilla Firefox 1.5.0.1
- Mozilla Mozilla suite 1.7.10
- Mozilla Mozilla suite 1.7.11
- Mozilla Mozilla suite 1.7.12
- Mozilla Mozilla suite 1.7.6
- Mozilla Mozilla suite 1.7.7
- Mozilla Mozilla suite 1.7.8
- Mozilla SeaMonkey 1.0
- Mozilla Thunderbird 1.0
- Mozilla Thunderbird 1.0.1
- Mozilla Thunderbird 1.0.2
- Mozilla Thunderbird 1.0.3
- Mozilla Thunderbird 1.0.4
- Mozilla Thunderbird 1.0.5
- Mozilla Thunderbird 1.0.6
- Mozilla Thunderbird 1.0.7
- Mozilla Thunderbird 1.5
- Mozilla Thunderbird 1.5.0.1