CVE-2006-0294

EPSS 6.0%

Published: 2/2/2006Modified: 4/28/2026

Description

Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 allow remote attackers to execute arbitrary code by changing an element's style from position:relative to position:static, which causes Gecko to operate on freed memory.

Affected packages (1)

Debian/thunderbirdfrom 0, < 1.5.0.2-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-0294