CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
From remote

SOFTWARE:
Mozilla 1.2
http://secunia.com/product/3100/
Mozilla 1.1
http://secunia.com/product/98/
Mozilla 1.0
http://secunia.com/product/97/
Mozilla 0.x
http://secunia.com/product/772/
Mozilla 1.3
http://secunia.com/product/1480/
Mozilla 1.4
http://secunia.com/product/1481/
Mozilla 1.5
http://secunia.com/product/2478/
Mozilla 1.6
http://secunia.com/product/3101/
Netscape 7.x
http://secunia.com/product/85/

DESCRIPTION:
zen-parse has reported a vulnerability in Mozilla and Netscape,
potentially allowing malicious people to compromise a vulnerable
system.

The vulnerability is caused due to an integer overflow within the
SOAPParameter object's constructor. This can e.g. be exploited via a
malicious web page containing specially crafted javascript.

This has been reported in Mozilla 1.6, and Netscape 7.0 and 7.1.
Prior versions may also be affected.

SOLUTION:
Mozilla 1.7.1 is reportedly not vulnerable.

Disable javascript in Netscape.

http://secunia.com/advisories/12204/