Red Hat Bugzilla – Bug 188867
CVE-2006-1724 Crashes with evidence of memory corruption (126.96.36.199)
Last modified: 2007-11-30 17:07:24 EST
Crashes with evidence of memory corruption (188.8.131.52)
As part of the Firefox 184.108.40.206 release we fixed several crash bugs to
improve the stability of the product, with a particular focus on finding
crashes caused by DHTML. Some of these crashes showed evidence of memory
corruption that we presume could be exploited to run arbitrary code with
Note: Thunderbird shares the browser engine with Firefox and could be
the mail portion of SeaMonkey.
Also fixed in Firefox/Thunderbird 1.0.8, Mozilla Suite 1.7.13
Muck with the boxobject's internal frame pointer.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.