Details

This vulnerability is currently undergoing analysis and not all information is available.
Please check back soon to view the completed vulnerability summary.




Firefox 1.5.0.7 and 2.0 allows remote attackers to cause a denial of service (crash) by creating a range object using createRange, calling selectNode on a DocType node (DOCUMENT_TYPE_NODE), then calling createContextualFragment on the range, which triggers a null dereference. NOTE: the original Bugtraq post mentioned that code execution was possible, but as of 20061031, best available information suggests that it is only a null dereference.