Zzen-parse has reported a vulnerability in Mozilla and Netscape, potentially allowing malicious people to compromise a vulnerable system. The vulnerability is caused due to an integer overflow within the SOAPParameter object's constructor. This can e.g. be exploited via a malicious web page containing specially crafted javascript. This has been reported in Mozilla 1.6, and Netscape 7.0 and 7.1. Prior versions may also be affected.
Affected Mozilla/Netscape Web browsers:
- Mozilla 0.x
- Mozilla 1.0 to 1.6
- Netscape 7.x
View: Bugzilla Bug 236618
News source: Secunia