Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads to a concurrency failure that causes structures to be freed incorrectly, as demonstrated by (1) ffoxdie and (2) ffoxdie3. NOTE: it has been reported that Netscape 8.1 and K-Meleon 1.0.1 are also affected by ffoxdie. Mozilla confirmed to CVE that ffoxdie and ffoxdie3 trigger the same underlying vulnerability. NOTE: it was later reported that Firefox 2.0 RC2 and 1.5.0.7 are also affected.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

References
Link Providers
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc cve-icon cve-icon
http://lcamtuf.coredump.cx/ffoxdie.html cve-icon cve-icon
http://lcamtuf.coredump.cx/ffoxdie3.html cve-icon cve-icon
http://secunia.com/advisories/21513 cve-icon cve-icon
http://secunia.com/advisories/21906 cve-icon cve-icon
http://secunia.com/advisories/21915 cve-icon cve-icon
http://secunia.com/advisories/21916 cve-icon cve-icon
http://secunia.com/advisories/21939 cve-icon cve-icon
http://secunia.com/advisories/21940 cve-icon cve-icon
http://secunia.com/advisories/21949 cve-icon cve-icon
http://secunia.com/advisories/21950 cve-icon cve-icon
http://secunia.com/advisories/22001 cve-icon cve-icon
http://secunia.com/advisories/22025 cve-icon cve-icon
http://secunia.com/advisories/22036 cve-icon cve-icon
http://secunia.com/advisories/22055 cve-icon cve-icon
http://secunia.com/advisories/22056 cve-icon cve-icon
http://secunia.com/advisories/22066 cve-icon cve-icon
http://secunia.com/advisories/22074 cve-icon cve-icon
http://secunia.com/advisories/22088 cve-icon cve-icon
http://secunia.com/advisories/22195 cve-icon cve-icon
http://secunia.com/advisories/22210 cve-icon cve-icon
http://secunia.com/advisories/22274 cve-icon cve-icon
http://secunia.com/advisories/22391 cve-icon cve-icon
http://secunia.com/advisories/22422 cve-icon cve-icon
http://secunia.com/advisories/24711 cve-icon cve-icon
http://security.gentoo.org/glsa/glsa-200609-19.xml cve-icon cve-icon
http://security.gentoo.org/glsa/glsa-200610-01.xml cve-icon cve-icon
http://security.gentoo.org/glsa/glsa-200610-04.xml cve-icon cve-icon
http://securitytracker.com/id?1016846 cve-icon cve-icon
http://securitytracker.com/id?1016847 cve-icon cve-icon
http://securitytracker.com/id?1016848 cve-icon cve-icon
http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDKSA-2006:168 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDKSA-2006:169 cve-icon cve-icon
http://www.mozilla.org/security/announce/2006/mfsa2006-59.html cve-icon cve-icon
http://www.novell.com/linux/security/advisories/2006_54_mozilla.html cve-icon cve-icon
http://www.pianetapc.it/view.php?id=770 cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2006-0675.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2006-0676.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2006-0677.html cve-icon cve-icon
http://www.securiteam.com/securitynews/5VP0M0AJFW.html cve-icon cve-icon
http://www.securityfocus.com/archive/1/443020/100/100/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/443306/100/100/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/443500/100/100/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/443528/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/446140/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/447837/100/200/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/447840/100/200/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/448956/100/100/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/448984/100/100/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/449245/100/100/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/449487/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/449726/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/bid/19488 cve-icon cve-icon
http://www.securityfocus.com/bid/19534 cve-icon cve-icon
http://www.ubuntu.com/usn/usn-350-1 cve-icon cve-icon
http://www.ubuntu.com/usn/usn-351-1 cve-icon cve-icon
http://www.ubuntu.com/usn/usn-352-1 cve-icon cve-icon
http://www.ubuntu.com/usn/usn-354-1 cve-icon cve-icon
http://www.vupen.com/english/advisories/2006/3617 cve-icon cve-icon
http://www.vupen.com/english/advisories/2006/3748 cve-icon cve-icon
http://www.vupen.com/english/advisories/2007/1198 cve-icon cve-icon
http://www.vupen.com/english/advisories/2008/0083 cve-icon cve-icon
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742 cve-icon cve-icon
https://bugzilla.mozilla.org/show_bug.cgi?id=348514 cve-icon cve-icon
https://issues.rpath.com/browse/RPL-640 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2006-4253 cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9528 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2006-4253 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-07T19:06:07.637Z

Reserved: 2006-08-21T00:00:00

Link: CVE-2006-4253

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2006-08-21T20:04:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2006-4253

cve-icon Redhat

Severity : Important

Publid Date: 2006-08-12T00:00:00Z

Links: CVE-2006-4253 - Bugzilla

cve-icon OpenCVE Enrichment

No data.