Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2006-07-27T19:00:00
Updated: 2024-08-07T18:48:37.876Z
Reserved: 2006-07-24T00:00:00
Link: CVE-2006-3803
Vulnrichment
No data.
NVD
Status : Modified
Published: 2006-07-27T19:04:00.000
Modified: 2018-10-17T21:30:27.437
Link: CVE-2006-3803
Redhat