Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mozilla | Mozilla | 1.6 (including) | 1.6 (including) |
| Navigator | Netscape | 7.0 (including) | 7.0 (including) |
| Navigator | Netscape | 7.1 (including) | 7.1 (including) |
References
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
- http://bugzilla.mozilla.org/show_bug.cgi?id=236618
- http://www.idefense.com/application/poi/display?id=117\u0026type=vulnerabilities
- http://www.novell.com/linux/security/advisories/2004_36_mozilla.html
- http://www.redhat.com/support/errata/RHSA-2004-421.html
- http://www.securityfocus.com/bid/15495
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16862
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4629
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9378
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
- http://bugzilla.mozilla.org/show_bug.cgi?id=236618
- http://www.idefense.com/application/poi/display?id=117\u0026type=vulnerabilities
- http://www.novell.com/linux/security/advisories/2004_36_mozilla.html
- http://www.redhat.com/support/errata/RHSA-2004-421.html
- http://www.securityfocus.com/bid/15495
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16862
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4629
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9378