2008-06-19 23:41:00 2018-10-11 22:42:54

Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote attackers to execute arbitrary code via a large number of references to a common CSS object, leading to a counter overflow and a free of in-use memory, aka ZDI-CAN-349.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE
Mozilla Thunderbird 2.0.0.9 Mozilla Thunderbird 2.0.0.6 Mozilla Thunderbird 2.0.0.5 Mozilla Thunderbird 2.0.0.0 Mozilla Thunderbird 2.0.0.4 Mozilla Thunderbird 1.5.0.13 Mozilla Thunderbird 1.5.0.14 Mozilla Thunderbird 1.5.0.12 Mozilla Thunderbird 1.5.0.10 Mozilla Thunderbird 1.5.0.9 Mozilla Thunderbird 1.5.0.8 Mozilla Thunderbird 1.5.0.7 Mozilla Thunderbird 1.5.0.5 Mozilla Thunderbird 1.5.0.4 Mozilla Thunderbird 1.5.0.2 Mozilla Thunderbird 1.0.8 Mozilla Thunderbird 1.5 Mozilla Thunderbird 1.0.7 Mozilla Thunderbird 1.0.6 Mozilla Thunderbird 1.0.5 Mozilla Thunderbird 1.0.2 Mozilla Thunderbird 1.0 Mozilla Thunderbird 0.9 Mozilla Thunderbird 0.8 Mozilla Thunderbird 0.7 Mozilla Thunderbird 0.6 Mozilla Thunderbird 0.4 Mozilla Thunderbird 0.5 Mozilla Thunderbird 0.3 Mozilla Thunderbird 0.2 Mozilla Thunderbird 0.1 Mozilla SeaMonkey 1.1.10 Mozilla SeaMonkey 1.1.8 Mozilla SeaMonkey 1.1.9 Mozilla Seamonkey 1.1.7 Mozilla Seamonkey 1.1.6 Mozilla Seamonkey 1.1.5 Mozilla Seamonkey 1.1.4 Mozilla Seamonkey 1.1.3 Mozilla Seamonkey 1.1.2 Mozilla Seamonkey 1.1.1 Mozilla SeaMonkey 1.1 beta Mozilla SeaMonkey 1.1 alpha Mozilla SeaMonkey 1.1 Mozilla SeaMonkey 1.0.9 Mozilla SeaMonkey 1.0.8 Mozilla SeaMonkey 1.0.7 Mozilla SeaMonkey 1.0.6 Mozilla SeaMonkey 1.0.5 Mozilla SeaMonkey 1.0.4 Mozilla SeaMonkey 1.0.3 Mozilla SeaMonkey 1.0.2 Mozilla SeaMonkey 1.0.1 Mozilla SeaMonkey 1.0 beta Mozilla SeaMonkey 1.0 alpha Mozilla SeaMonkey 1.0 Mozilla Firefox 3.0 Mozilla Firefox 2.0.0.15 Mozilla Firefox 2.0.0.14 Mozilla Firefox 2.0.0.13 Mozilla Firefox 2.0.0.12 Mozilla Firefox 2.0.0.11 Mozilla Firefox 2.0.0.10 Mozilla Firefox 2.0.0.9 Mozilla Firefox 2.0.0.8 Mozilla Firefox 2.0.0.7 Mozilla Firefox 2.0.0.6 Mozilla Firefox 2.0.0.5 Mozilla Firefox 2.0.0.4 Mozilla Firefox 2.0.0.3 Mozilla Firefox 2.0.0.2 Mozilla Firefox 2.0.0.1 Mozilla Firefox 2.0 Mozilla Thunderbird 2.0.0.12 Mozilla Thunderbird 2.0.0.14