Red Hat Bugzilla – Bug 195241
CVE-2006-2779 Multiple Mozilla issues (CVE-2006-2781, CVE-2006-2788)
Last modified: 2007-11-30 17:11:35 EST
This was originally bug 194617, until Bugzilla barfed yesterday. Entering
Summary: CVE-2006-2779 Multiple Mozilla issues (CVE-2006-2781,
Product: Fedora Core
This issue also affects Fedora Core 5. A lot of the problems fixed in 220.127.116.11
don't seem that severe, but a few of these are serious enough to at least turn
some heads. And it's been public for a quite a while now.
+++ This bug was initially created as a clone of Bug #193906 +++
Text stolen from MITRE:
Double-free vulnerability in Mozilla Thunderbird before 18.104.22.168 and
SeaMonkey before 1.0.2 allows remote attackers to cause a denial of
service (hang) and possibly execute arbitrary code via a VCard that
contains invalid base64 characters.
Mozilla Firefox and Thunderbird before 22.214.171.124 allow remote attackers
to cause a denial of service (crash) and possibly execute arbitrary
code via (1) nested <option> tags in a select tag, (2) a
DOMNodeRemoved mutation event, (3) "Content-implemented tree views,"
(4) BoxObjects, (5) the XBL implementation, (6) an iframe that
attempts to remove itself, which leads to memory corruption.
-- Additional comment from email@example.com on 2006-06-02 16:22 EST --
These issues also affect RHEL2.1 and RHEL3
-- Additional comment from firstname.lastname@example.org on 2006-06-02 16:34 EST --
Also this issue:
Double-free vulnerability in the getRawDER function for nsIX509Cert in
Firefox allows remote attackers to cause a denial of service (hang)
------- Additional Comments From email@example.com 2006-06-12 10:39 EST -------
Removing dependency on bug #193906, since that's really a separate issue since
it requires backports.
I still don't see an update for this even in the testing tree.
Kai, Dennis -- I understand you were working on rolling firefox &/or thunderbird
packages yesterday for 126.96.36.199. How is that coming along?
some trouble with build system, hope to have it done by tomorrow.
tb is already out on rawhide
*** Bug 195315 has been marked as a duplicate of this bug. ***
ff and tb 188.8.131.52 have been released on fc5 and rawhide