Intrusion Prevention

XML.Nested.Tags.Handling.Race.Condition.Memory.Corruption

Description

This indicates an attack attempt against a memory-corruption vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey.
This vulnerability is caused by the application's failure to properly free structures. A remote attacker may exploit this to execute arbitrary code or cause a denial-of-service condition.

Affected Products

Mozilla Firefox version 1.5.0.7 and prior
Mozilla Thunderbird version 1.5.0.7 and prior
Mozilla SeaMonkey version 1.0.5 and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service.

Recommended Actions

Upgrade the software to the latest version:
http://www.mozilla.org/products/

CVE References

CVE-2006-4253