Red Hat Bugzilla – Bug 188835
CVE-2006-1724 Crashes with evidence of memory corruption (18.104.22.168)
Last modified: 2007-11-30 17:11:30 EST
Crashes with evidence of memory corruption (22.214.171.124)
As part of the Firefox 126.96.36.199 release we fixed several crash bugs to
improve the stability of the product, with a particular focus on finding
crashes caused by DHTML. Some of these crashes showed evidence of memory
corruption that we presume could be exploited to run arbitrary code with
Note: Thunderbird shares the browser engine with Firefox and could be
the mail portion of SeaMonkey.
Also fixed in Firefox/Thunderbird 1.0.8, Mozilla Suite 1.7.13
Muck with the boxobject's internal frame pointer.
This issue also affects FC4
These issues have been resolved in FEDORA-2006-411 for FC5 and FEDORA-2006-410