ID CVE-2006-0293
Summary The function allocation code (js_NewFunction in jsfun.c) in Firefox 1.5 allows attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via user-defined methods that trigger garbage collection in a way that operates on freed objects.
References
Vulnerable Configurations
  • cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 19-10-2018 - 15:43)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
oval via4
accepted 2009-11-09T04:00:05.333-05:00
class vulnerability
contributors
  • name Robert L. Hollis
    organization ThreatGuard, Inc.
  • name Jonathan Baker
    organization The MITRE Corporation
  • name Jonathan Baker
    organization The MITRE Corporation
  • name Jonathan Baker
    organization The MITRE Corporation
  • name Jonathan Baker
    organization The MITRE Corporation
  • name Jonathan Baker
    organization The MITRE Corporation
  • name Mike Lah
    organization The MITRE Corporation
description The function allocation code (js_NewFunction in jsfun.c) in Firefox 1.5 allows attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via user-defined methods that trigger garbage collection in a way that operates on freed objects.
family windows
id oval:org.mitre.oval:def:1494
status accepted
submitted 2006-02-07T06:13:00.000-04:00
title Mozilla JavaScript Garbage-Collection Hazards in jsfun.c
version 5
refmap via4
bid 16476
confirm
debian
  • DSA-1044
  • DSA-1046
  • DSA-1051
gentoo GLSA-200604-18
hp
  • HPSBUX02122
  • HPSBUX02156
  • SSRT061158
  • SSRT061236
sectrack 1015570
secunia
  • 18700
  • 18704
  • 19862
  • 19863
  • 19902
  • 19941
  • 21622
  • 22065
sunalert
  • 102550
  • 228526
vupen
  • ADV-2006-0413
  • ADV-2006-3391
  • ADV-2006-3749
xf
  • firefox-function-allocation-code-execution(42654)
  • mozilla-javascript-memory-corruption(24430)
saint via4
bid 16476
description lla Firefox QueryInterface method memory corruption
id web_client_firefox
osvdb 22893
title firefox_queryinterface
type client
Last major update 19-10-2018 - 15:43
Published 02-02-2006 - 20:06
Back to Top