New Search

Mozilla Integer overflows in E4X SVG and Canvas Features

oval:org.mitre.oval:def:1339

Multiple integer overflows in Mozilla Firefox 1.5 Thunderbird 1.5 if Javascript is enabled in mail and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the (1) EscapeAttributeValue in jsxml.c for E4X (2) nsSVGCairoSurface::Init in SVG and (3) nsCanvasRenderingContext2D.cpp in Canvas.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
  • Microsoft Windows XP
  • Microsoft Windows NT
  • Microsoft Windows Server 2003
Class:
vulnerability
Reference(s):
  • CVE-2006-0297
Product(s):
  • mozilla