Integer overflow in Mozilla Firefox and Thunderbird 1.x prior to 1.5.0.2 and 1.0.x prior to 1.0.8, Mozilla Suite prior to 1.7.13, and SeaMonkey prior to 1.0.1 allows remote malicious users to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
mozilla firefox 1.0 |
||
mozilla firefox 1.0.7 |
||
mozilla firefox 1.5 |
||
mozilla mozilla suite 1.7.6 |
||
mozilla mozilla suite 1.7.7 |
||
mozilla thunderbird 1.0.4 |
||
mozilla thunderbird 1.0.5 |
||
mozilla firefox 1.0.3 |
||
mozilla firefox 1.0.4 |
||
mozilla mozilla suite 1.7.10 |
||
mozilla seamonkey 1.0 |
||
mozilla thunderbird 1.0 |
||
mozilla thunderbird 1.0.1 |
||
mozilla thunderbird 1.0.7 |
||
mozilla thunderbird 1.5 |
||
mozilla firefox 1.0.5 |
||
mozilla firefox 1.0.6 |
||
mozilla mozilla suite 1.7.11 |
||
mozilla mozilla suite 1.7.12 |
||
mozilla thunderbird 1.0.2 |
||
mozilla thunderbird 1.0.3 |
||
mozilla thunderbird 1.5.0.1 |
||
mozilla firefox 1.0.1 |
||
mozilla firefox 1.0.2 |
||
mozilla firefox 1.5.0.1 |
||
mozilla mozilla suite 1.7.8 |
||
mozilla thunderbird 1.0.6 |
Vulmon