Launchpad.net

CVE 2006-1993

Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain Javascript that is not properly handled by the contentWindow.focus method in an iframe, which causes a reference to a deleted controller context object. NOTE: this was originally claimed to be a buffer overflow in (1) js320.dll and (2) xpcom_core.dll, but the vendor disputes this claim.

Related bugs and status

CVE-2006-1993 (Candidate) is related to these bugs:

Bug #42917: Update to 1.5.0.3

Summary				In	Importance	Status
	42917	Update to 1.5.0.3		firefox (Ubuntu)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.securident....
BID: 17671
SECTRACK: 1015981
SECUNIA: 19802
CONFIRM: http://www.mozilla.org...
CERT-VN: VU#866300
DEBIAN: DSA-1053
GENTOO: GLSA-200605-06
DEBIAN: DSA-1055
SECUNIA: 20019
SECUNIA: 20015
SECUNIA: 20214
SECUNIA: 20070
SECUNIA: 22066
SREASON: 780
VUPEN: ADV-2006-1614
VUPEN: ADV-2006-1922
VUPEN: ADV-2006-3748
VUPEN: ADV-2008-0083
XF: firefox-iframe-content...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20060424 Firefox Remot...
HP: HPSBTU02118
HP: SSRT061145
HP: HPSBUX02153
HP: SSRT061181