- February 1, 2006
- Igor Bukanov
- Firefox, Mozilla Suite, SeaMonkey, Thunderbird
- Fixed in
- Firefox 1.0.8
- Firefox 188.8.131.52
- Mozilla Suite 1.7.13
- SeaMonkey 1
- Thunderbird 1.0.8
- Thunderbird 184.108.40.206
The risk appears remote, but this type of memory corruption could potentially be used by an attacker to run arbitrary code.
CVE-2006-0293 was introduced during Firefox 1.5 development and does not affect Firefox 1.0. CVE-2006-0292 affects all versions of Firefox.
Update (13 April 2006)
This flaw has been fixed in Thunderbird 220.127.116.11
Updated versions of Firefox 1.0, Thunderbird 1.0, and the Mozilla Suite 1.7 have been released containing this fix.