You are here: Known Vulnerabilities in Mozilla Products (Firefox 18.104.22.168) > MFSA 2006-04
Mozilla Foundation Security Advisory 2006-04
Title: Memory corruption via QueryInterface on Location, Navigator objects
Date: February 1, 2006
Reporter: Georgi Guninski
Products: Firefox, Thunderbird, SeaMonkey
Fixed in: Firefox 22.214.171.124
QueryInterface method of the built-in
Location and Navigator objects causes memory corruption
that might be exploitable to run arbitrary code.
This flaw appears to have been introduced during development of Firefox 1.5/SeaMonkey 1.0 -- Firefox 1.0 and the older Mozilla Suite 1.7 do not appear to be vulnerable.
Update (7 February 2006)
H D Moore of the Metasploit Project published a working exploit on milw0rm for the Linux and Mac OS X versions of Firefox 1.5. Severity upgraded to critical.
Update (13 April 2006)
This flaw has been fixed in Thunderbird 126.96.36.199