Severity: : Low
  CVE Kennungen: : CVE-2006-1730
  Advisory Date: 11 de февраля de 2011

  DESCRIPTION

Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow.

  INFORMATION EXPOSURE

Fixed in:  Firefox 1.5.0.2,  Firefox 1.0.8, Thunderbird 1.5.0.2, Thunderbird 1.0.8, SeaMonkey 1.0.1, Mozilla Suite 1.7.13

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1000757
  Trend Micro Deep Security DPI Rule Name: 1000757 - CSS Letter-Spacing Heap Overflow Vulnerability

  AFFECTED SOFTWARE AND VERSION:

  • Mozilla Firefox 1.0
  • Mozilla Firefox 1.0.1
  • Mozilla Firefox 1.0.2
  • Mozilla Firefox 1.0.3
  • Mozilla Firefox 1.0.4
  • Mozilla Firefox 1.0.5
  • Mozilla Firefox 1.0.6
  • Mozilla Firefox 1.0.7
  • Mozilla Firefox 1.5
  • Mozilla Firefox 1.5.0.1
  • Mozilla Mozilla suite 1.7.10
  • Mozilla Mozilla suite 1.7.11
  • Mozilla Mozilla suite 1.7.12
  • Mozilla Mozilla suite 1.7.6
  • Mozilla Mozilla suite 1.7.7
  • Mozilla Mozilla suite 1.7.8
  • Mozilla SeaMonkey 1.0
  • Mozilla Thunderbird 1.0
  • Mozilla Thunderbird 1.0.1
  • Mozilla Thunderbird 1.0.2
  • Mozilla Thunderbird 1.0.3
  • Mozilla Thunderbird 1.0.4
  • Mozilla Thunderbird 1.0.5
  • Mozilla Thunderbird 1.0.6
  • Mozilla Thunderbird 1.0.7
  • Mozilla Thunderbird 1.5
  • Mozilla Thunderbird 1.5.0.1