Advisories:rPSA-2006-0059

From rPath Wiki

rPath Security Advisory 2006-0059-1

Published: 2006-05-03

Products

• rPath Linux 1

Rating

Severe

Exposure Level Classification

Remote User Non-deterministic Unauthorized Access

Updated Versions

• firefox=conary.rpath.com@rpl:1/1.5.0.3-1-0.1

rPath Issue Tracking System

• RPL-352

References

• CVE-2006-1993
• http://www.mozilla.org/security/announce/2006/mfsa2006-30.html
• http://securitytracker.com/alerts/2006/Apr/1015981.html
• http://www.securityfocus.com/archive/1/431878/30/0/

Description

In some previous versions of firefox, a security vulnerability allows

a remote user to create specially crafted HTML that, when loaded by

the target user, will trigger a memory access bug (where a deleted

object is incorrectly reused) and execute arbitrary code on the

target user's system or cause the target user's browser to crash.

Copyright 2006 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html