Oval Definition:	oval:org.mitre.oval:def:1339
Revision Date: 2009-11-09 Version: 4 Title: Mozilla Integer overflows in E4X, SVG, and Canvas Features Description: Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the (1) EscapeAttributeValue in jsxml.c for E4X, (2) nsSVGCairoSurface::Init in SVG, and (3) nsCanvasRenderingContext2D.cpp in Canvas. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2006-0297 Platform(s): Microsoft Windows 2000 Microsoft Windows NT Microsoft Windows Server 2003 Microsoft Windows XP Product(s): mozilla Definition Synopsis Mozilla Firefox version 1.5 is installed and has NOT been patched with version 1.5.0.1 Mozilla Firefox version 1.5 is installed AND Firefox version 1.5 or earlier is installed AND NOT The version of Firefox.exe is greater than or equal to 1.8.20060.11112 OR A pre-release of SeaMonkey 1.0 is installed A pre-release of SeaMonkey 1.0 is installed AND A pre-release of SeaMonkey 1.0 is installed
BACK