CVE-2006-0294
EPSS 6.0%
Description
Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 allow remote attackers to execute arbitrary code by changing an element's style from position:relative to position:static, which causes Gecko to operate on freed memory.
How to fix CVE-2006-0294
To remediate CVE-2006-0294, upgrade the affected package to a fixed version below.
- Debian/thunderbird—upgrade to 1.5.0.2-1 or later
Is CVE-2006-0294 being exploited?
Moderate — EPSS is 6.0%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 1.5.0.2-1