First published: Thu Jul 27 2006(Updated: )
Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Mozilla SeaMonkey | =1.0.1 | |
Mozilla Firefox | =1.5.0.3 | |
Mozilla SeaMonkey | =1.0 | |
Mozilla Firefox | =1.5 | |
Mozilla SeaMonkey | =1.0.2 | |
Mozilla Thunderbird | =1.5 | |
Mozilla Thunderbird | =1.5.0.2 | |
Mozilla Firefox | =1.5.0.2 | |
Mozilla SeaMonkey | =1.0 | |
Mozilla Firefox | =1.5.0.4 | |
Mozilla Firefox | =1.5.0.1 | |
Mozilla Thunderbird | =1.5.0.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.