|
|
Mozilla Firefox XML Handler Race Condition Memory Corruption Vulnerability
|
Bugtraq ID:
|
19534
|
|
Class:
|
Race Condition Error
|
|
CVE:
|
CVE-2006-4261
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Aug 15 2006 12:00AM
|
|
Updated:
|
Sep 05 2007 03:42PM
|
|
Credit:
|
Michal Zalewski <lcamtuf@dione.ids.pl> discovered this vulnerability. Juha-Matti Laurio tested the issue in K-Meleon, Flock, and Netscape.
|
|
Vulnerable:
|
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
S.u.S.E. SUSE Linux Enterprise Server 10
S.u.S.E. SUSE Linux Enterprise Desktop 10
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 10.1
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 10.1
Novell Linux Desktop 9
Netscape Browser 8.0.4
Netscape Browser 8.0.3 .3
Netscape Browser 8.0.1
Netscape Browser 8.1
Netscape Browser 8.0
Mozilla Thunderbird 1.5.0.5
Mozilla SeaMonkey 1.0.3
Mozilla Firefox 1.5 beta 2
Mozilla Firefox 1.5 beta 1
Mozilla Firefox 1.5
Mozilla Firefox 1.0.8
Mozilla Firefox 1.0.7
Mozilla Firefox 1.0.6
Mozilla Firefox 1.0.5
Mozilla Firefox 1.0.5
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.3
+
Gentoo Linux
Mozilla Firefox 1.0.2
+
MandrakeSoft Linux Mandrake 10.2 x86_64
+
MandrakeSoft Linux Mandrake 10.2
+
MandrakeSoft Linux Mandrake 10.2
+
RedHat Desktop 4.0
+
RedHat Desktop 4.0
+
RedHat Enterprise Linux AS 4
+
RedHat Enterprise Linux AS 4
+
RedHat Enterprise Linux ES 4
+
RedHat Enterprise Linux ES 4
+
RedHat Enterprise Linux WS 4
+
RedHat Enterprise Linux WS 4
Mozilla Firefox 1.0.1
+
RedHat Fedora Core3
Mozilla Firefox 1.0
+
Gentoo Linux
+
Gentoo Linux
+
S.u.S.E. Linux Personal 9.2 x86_64
+
S.u.S.E. Linux Personal 9.2 x86_64
+
S.u.S.E. Linux Personal 9.2
+
S.u.S.E. Linux Personal 9.2
+
S.u.S.E. Linux Personal 9.1 x86_64
+
S.u.S.E. Linux Personal 9.1 x86_64
+
S.u.S.E. Linux Personal 9.1
+
S.u.S.E. Linux Personal 9.1
+
S.u.S.E. Linux Personal 9.0 x86_64
+
S.u.S.E. Linux Personal 9.0 x86_64
+
S.u.S.E. Linux Personal 9.0
+
S.u.S.E. Linux Personal 9.0
+
Slackware Linux 10.1
+
Slackware Linux 10.0
+
Slackware Linux 10.0
+
Slackware Linux 9.1
+
Slackware Linux 9.1
+
Slackware Linux -current
+
Slackware Linux -current
Mozilla Firefox 0.10.1
Mozilla Firefox 0.10
Mozilla Firefox 0.9.3
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9 rc
Mozilla Firefox 0.9
Mozilla Firefox 0.8
Mozilla Firefox 2.0 beta 1
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.0.3
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.0.1
MandrakeSoft Linux Mandrake 2006.0 x86_64
MandrakeSoft Linux Mandrake 2006.0
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 4.0
K-Meleon K-Meleon 1.0.1
HP HP-UX B.11.31
HP HP-UX B.11.23
HP HP-UX B.11.11
HP HP-UX B.11.11
Flock Flock 0.7.4 1
|
|
|
|
Not Vulnerable:
|
Netscape Browser 8.1.3
Mozilla Thunderbird 1.5.0.7
Mozilla SeaMonkey 1.0.5
Mozilla Firefox 1.5.0.7
|
|
|
