ID CVE-2006-0295
Summary Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the QueryInterface method of the built-in Location and Navigator objects, which leads to memory corruption.
References
Vulnerable Configurations
  • cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*
CVSS
Base: 5.1 (as of 19-10-2018 - 15:43)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:H/Au:N/C:P/I:P/A:P
oval via4
accepted 2009-11-09T04:00:06.261-05:00
class vulnerability
contributors
  • name Robert L. Hollis
    organization ThreatGuard, Inc.
  • name Jonathan Baker
    organization The MITRE Corporation
  • name Jonathan Baker
    organization The MITRE Corporation
  • name Jonathan Baker
    organization The MITRE Corporation
  • name Jonathan Baker
    organization The MITRE Corporation
  • name Jonathan Baker
    organization The MITRE Corporation
  • name Mike Lah
    organization The MITRE Corporation
description Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the QueryInterface method of the built-in Location and Navigator objects, which leads to memory corruption.
family windows
id oval:org.mitre.oval:def:1562
status accepted
submitted 2006-02-07T06:13:00.000-04:00
title Mozilla QueryInterface Memory Corruption Vulnerability
version 5
refmap via4
bid 16476
cert TA06-038A
cert-vn VU#759273
confirm
hp
  • HPSBUX02156
  • SSRT061236
sectrack 1015570
secunia
  • 18700
  • 18704
  • 22065
vupen
  • ADV-2006-0413
  • ADV-2006-3749
xf mozilla-queryinterface-memory-corruption(24433)
saint via4
bid 16476
description lla Firefox QueryInterface method memory corruption
id web_client_firefox
osvdb 22893
title firefox_queryinterface
type client
Last major update 19-10-2018 - 15:43
Published 02-02-2006 - 20:06
Back to Top