You are here: Known Vulnerabilities in Mozilla Products (Firefox 184.108.40.206) > MFSA 2006-46
Mozilla Foundation Security Advisory 2006-46
Title: Memory corruption with simultaneous events
Announced: July 25, 2006
Reporter: Secunia Research
Products: Firefox, SeaMonkey
Fixed in: Firefox 220.127.116.11
Secunia Research has discovered a vulnerability in Mozilla Firefox 1.5 branch, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an memory corruption error within the handling of simultaneously happening XPCOM events, which leads to use of a deleted timer object. This generally results in a crash but potentially could be exploited to execute arbitrary code on a user's system when a malicious website is visited.
This vulnerability was introduced during Firefox 1.5 development, it does not affect Firefox 1.0 or Mozilla Suite 1.7