New Search

Element position: Style Change Vulnerability

oval:org.mitre.oval:def:1514

Mozilla Firefox before 1.5.0.1 Thunderbird 1.5 if running Javascript in mail and SeaMonkey before 1.0 allow remote attackers to execute arbitrary code by changing an element's style from position:relative to position:static which causes Gecko to operate on freed memory.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
  • Microsoft Windows NT
  • Microsoft Windows Server 2003
  • Microsoft Windows XP
Class:
vulnerability
Reference(s):
  • CVE-2006-0294
Product(s):
  • mozilla