This security update addresses one vulnerability in the JavaScript Engine of Mozilla 1.7 for Solaris 8, 9, and 10. It is possible for a remote attacker to crash Mozilla or execute arbitrary code as the local Mozilla user when a specially crafted web page or email is loaded (CVE-2006-6498). Sun has not yet made a patch available, but recommends disabling JavaScipt to work around the issue. More detailed information can be found at SunSolve.
Get Slaptijack updates delivered to your Inbox or RSS Reader for free!
Leave a Reply