CVE-2006-5159: Buffer Overflow

First published: Tue Oct 03 2006(Updated: )

** DISPUTED ** Stack-based buffer overflow in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving JavaScript. NOTE: the vendor and original researchers have released a follow-up comment disputing the severity of this issue, in which the researcher states that "we mentioned that there was a previously known Firefox vulnerability that could result in a stack overflow ending up in remote code execution. However, the code we presented did not in fact do this... I have not succeeded in making this code do anything more than cause a crash and eat up system resources".

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Mozilla Firefox	=0.8
Mozilla Firefox	=1.5-beta2
Mozilla Firefox	=1.5.4
Mozilla Firefox	=1.0.2
Mozilla Firefox	=1.5-beta1
Mozilla Firefox	=1.5
Mozilla Firefox	=0.9.1
Mozilla Firefox	=1.0.4
Mozilla Firefox	=1.0.7
Mozilla Firefox	=0.10.1
Mozilla Firefox	=0.9
Mozilla Firefox	=1.5.6
Mozilla Firefox	=1.0
Mozilla Firefox	=1.0.1
Mozilla Firefox	=preview_release
Mozilla Firefox	=1.5.7
Mozilla Firefox	=1.5.0.2
Mozilla Firefox	=1.0.3
Mozilla Firefox	=0.9.3
Mozilla Firefox	=1.5.5
Mozilla Firefox	=0.9.2
Mozilla Firefox	=2.0-beta_1
Mozilla Firefox	=0.9-rc
Mozilla Firefox	=1.5.8
Mozilla Firefox	=1.5.3
Mozilla Firefox	=1.5.0.1
Mozilla Firefox	=0.10
Mozilla Firefox	=1.0.5
Mozilla Firefox	=1.0.6
Mozilla Firefox	=1.0.8
	=0.8
	=0.9
	=0.9-rc
	=0.9.1
	=0.9.2
	=0.9.3
	=0.10
	=0.10.1
	=1.0
	=1.0.1
	=1.0.2
	=1.0.3
	=1.0.4
	=1.0.5
	=1.0.6
	=1.0.7
	=1.0.8
	=1.5
	=1.5-beta1
	=1.5-beta2
	=1.5.0.1
	=1.5.0.2
	=1.5.3
	=1.5.4
	=1.5.5
	=1.5.6
	=1.5.7
	=1.5.8
	=2.0-beta_1
	=preview_release

CVE-2006-5159: Buffer Overflow

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact