New Search

Mozilla CSS Letter-Spacing Heap Overflow Vulnerability

oval:org.mitre.oval:def:1614

Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8 Mozilla Suite before 1.7.13 and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
  • Microsoft Windows Server 2003
  • Microsoft Windows XP
Class:
vulnerability
Reference(s):
  • CVE-2006-1730
Product(s):
  • mozilla