A Mozilla Foundation Security Advisory reports of multiple
issues. Several of which can be used to run arbitrary code
with the privilege of the user running the program.
- MFSA 2006-56 chrome: scheme loading remote content
- MFSA 2006-55 Crashes with evidence of memory corruption
(rv:1.8.0.5)
- MFSA 2006-54 XSS with
XPCNativeWrapper(window).Function(...)
- MFSA 2006-53 UniversalBrowserRead privilege escalation
- MFSA 2006-52 PAC privilege escalation using
Function.prototype.call
- MFSA 2006-51 Privilege escalation using named-functions
and redefined "new Object()"
- MFSA 2006-50 JavaScript engine vulnerabilities
- MFSA 2006-49 Heap buffer overwrite on malformed VCard
- MFSA 2006-48 JavaScript new Function race condition
- MFSA 2006-47 Native DOM methods can be hijacked across
domains
- MFSA 2006-46 Memory corruption with simultaneous events
- MFSA 2006-45 Javascript navigator Object Vulnerability
- MFSA 2006-44 Code execution through deleted frame
reference