Vulnerabilites related to mozilla - mozilla_suite
Vulnerability from fkie_nvd
Published
2005-09-23 19:03
Modified
2024-11-21 00:00
Severity ?
Summary
Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | firefox | * | |
mozilla | firefox | 1.0 | |
mozilla | firefox | 1.0.1 | |
mozilla | firefox | 1.0.2 | |
mozilla | firefox | 1.0.3 | |
mozilla | firefox | 1.0.4 | |
mozilla | firefox | 1.0.5 | |
mozilla | mozilla_suite | * | |
mozilla | mozilla_suite | 1.7.6 | |
mozilla | mozilla_suite | 1.7.7 | |
mozilla | mozilla_suite | 1.7.8 | |
mozilla | mozilla_suite | 1.7.10 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "B9216BBE-9C9B-40F6-BB64-D20072344A38", "versionEndIncluding": "1.0.6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "60B8BE80-E9C1-40AE-991C-437F10D81E28", "versionEndIncluding": "1.7.11", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code." } ], "id": "CVE-2005-2705", "lastModified": "2024-11-21T00:00:11.740", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-09-23T19:03:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/16911" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/16917" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/16977" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17014" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17026" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17042" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17090" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17149" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17263" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17284" }, { "source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1014954" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-838" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-866" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-868" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174" }, { "source": "secalert@redhat.com", "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html" }, { "source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2005-791.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/14917" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/15495" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-200-1" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2005/1824" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=303213" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22377" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10367" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1307" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/16911" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/16917" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/16977" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17014" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17042" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17090" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17149" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17263" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17284" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1014954" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-838" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-866" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-868" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-791.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/14917" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/15495" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-200-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/1824" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=303213" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10367" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1307" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2006-04-14 10:02
Modified
2024-11-21 00:09
Severity ?
Summary
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to DHTML.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | firefox | * | |
mozilla | firefox | * | |
mozilla | mozilla_suite | * | |
mozilla | seamonkey | * | |
mozilla | thunderbird | * | |
mozilla | thunderbird | * | |
debian | debian_linux | 3.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F71241D-928E-43B4-82ED-5C27FEE1CDB2", "versionEndExcluding": "1.0.8", "versionStartIncluding": "1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "04455349-5186-4BF4-8EE1-F4852B806F47", "versionEndExcluding": "1.5.0.2", "versionStartIncluding": "1.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "F7DD4CED-138F-415C-9F00-583D92BB3C3E", "versionEndExcluding": "1.7.13", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "matchCriteriaId": "976B9AFA-0129-480B-B226-892CECD59287", "versionEndExcluding": "1.0.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A088F32-0EA7-465D-A648-9802F9B6164C", "versionEndExcluding": "1.0.8", "versionStartIncluding": "1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "430C1B3A-9CE4-485A-B8DA-F7230E58F137", "versionEndExcluding": "1.5.0.2", "versionStartIncluding": "1.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to DHTML." } ], "evaluatorSolution": "Fixed in: \r\n Firefox 1.5.0.2\r\n Thunderbird 1.5.0.2\r\n SeaMonkey 1.0.1", "id": "CVE-2006-1724", "lastModified": "2024-11-21T00:09:35.427", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2006-04-14T10:02:00.000", "references": [ { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19631" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19649" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19696" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19714" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19780" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19863" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19941" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21033" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21622" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/22065" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/22066" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1015919" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1015920" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1015921" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/350262" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-20.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/17516" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html" }, { "source": "secalert@redhat.com", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "secalert@redhat.com", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "source": "secalert@redhat.com", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "source": "secalert@redhat.com", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=282105" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10243" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1901" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19631" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19649" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19696" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19714" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19780" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19863" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19941" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21033" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21622" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/22065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/22066" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1015919" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1015920" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1015921" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/350262" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-20.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/17516" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=282105" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10243" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1901" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2006-04-14 10:02
Modified
2024-11-21 00:09
Severity ?
Summary
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | firefox | * | |
mozilla | firefox | 1.0 | |
mozilla | firefox | 1.0.1 | |
mozilla | firefox | 1.0.2 | |
mozilla | firefox | 1.0.3 | |
mozilla | firefox | 1.0.4 | |
mozilla | firefox | 1.0.5 | |
mozilla | firefox | 1.0.6 | |
mozilla | firefox | 1.5 | |
mozilla | firefox | 1.5 | |
mozilla | firefox | 1.5 | |
mozilla | mozilla_suite | * | |
mozilla | mozilla_suite | 1.7.6 | |
mozilla | mozilla_suite | 1.7.7 | |
mozilla | mozilla_suite | 1.7.8 | |
mozilla | mozilla_suite | 1.7.10 | |
mozilla | mozilla_suite | 1.7.11 | |
mozilla | seamonkey | * | |
mozilla | seamonkey | 1.0 | |
mozilla | thunderbird | * | |
mozilla | thunderbird | 1.0 | |
mozilla | thunderbird | 1.0.1 | |
mozilla | thunderbird | 1.0.2 | |
mozilla | thunderbird | 1.0.3 | |
mozilla | thunderbird | 1.0.4 | |
mozilla | thunderbird | 1.0.5 | |
mozilla | thunderbird | 1.0.5 | |
mozilla | thunderbird | 1.0.6 | |
mozilla | thunderbird | 1.5 | |
mozilla | thunderbird | 1.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "4461B287-CF95-44A0-8517-4423636CABBA", "versionEndIncluding": "1.0.7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*", "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*", "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF9D2443-9389-42B0-BF93-3ADC1B7325EC", "versionEndIncluding": "1.7.12", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*", "matchCriteriaId": "633B1DF5-FC67-428E-B4C7-9AC232F59FDC", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:*:beta:*:*:*:*:*:*", "matchCriteriaId": "5832619D-0D24-45AB-90ED-74FC96CF8436", "versionEndIncluding": "1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "D62F740C-706B-4290-AD92-3ECBC3D30768", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "A18B07F4-E46B-4BA9-BFBF-16754CD71C31", "versionEndIncluding": "1.0.7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F0D56153-E20A-46D8-859E-A51E5C03D674", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "2C51A6F4-F88F-4BF2-BF71-5DC48559C085", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*", "matchCriteriaId": "379F6A73-B45F-4094-8167-4E929FFB1749", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*", "matchCriteriaId": "1A406214-29E5-4E13-B2E1-1CF72F1E60BC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges." } ], "evaluatorSolution": "Fixed in: Firefox 1.5\r\n Firefox 1.0.8\r\n Thunderbird 1.5\r\n Thunderbird 1.0.8\r\n SeaMonkey 1.0\r\n Mozilla Suite 1.7.13", "id": "CVE-2006-1735", "lastModified": "2024-11-21T00:09:37.593", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2006-04-14T10:02:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "source": "secalert@redhat.com", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19631" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19696" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19714" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19721" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19729" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19746" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19759" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19780" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19794" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19811" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19821" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19823" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19852" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19862" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19863" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19902" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19941" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19950" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/20051" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21033" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21622" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" }, { "source": "secalert@redhat.com", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/813230" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078" }, { "source": "secalert@redhat.com", "tags": [ "Exploit" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-14.html" }, { "source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/17516" }, { "source": "secalert@redhat.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25815" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1037" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10930" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/271-1/" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/275-1/" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/276-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19631" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19696" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19714" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19746" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19759" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19780" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19794" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19811" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19821" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19823" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19862" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19863" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19902" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19941" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21033" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21622" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/813230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-14.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/17516" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25815" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10930" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/271-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/275-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/276-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-09-23 19:03
Modified
2024-11-21 00:00
Severity ?
Summary
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spoof DOM objects via an XBL control that implements an internal XPCOM interface.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | firefox | * | |
mozilla | firefox | 1.0 | |
mozilla | firefox | 1.0.1 | |
mozilla | firefox | 1.0.2 | |
mozilla | firefox | 1.0.3 | |
mozilla | firefox | 1.0.4 | |
mozilla | firefox | 1.0.5 | |
mozilla | mozilla_suite | * | |
mozilla | mozilla_suite | 1.7.6 | |
mozilla | mozilla_suite | 1.7.7 | |
mozilla | mozilla_suite | 1.7.8 | |
mozilla | mozilla_suite | 1.7.10 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "B9216BBE-9C9B-40F6-BB64-D20072344A38", "versionEndIncluding": "1.0.6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "60B8BE80-E9C1-40AE-991C-437F10D81E28", "versionEndIncluding": "1.7.11", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spoof DOM objects via an XBL control that implements an internal XPCOM interface." } ], "id": "CVE-2005-2704", "lastModified": "2024-11-21T00:00:11.610", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-09-23T19:03:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/16911" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/16917" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/16977" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17014" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17026" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17042" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17090" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17149" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17263" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17284" }, { "source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1014954" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-838" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-866" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-868" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html" }, { "source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2005-791.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/14921" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/15495" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-200-1" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2005/1824" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22824" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1272" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9784" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/16911" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/16917" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/16977" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17014" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17042" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17090" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17149" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17263" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17284" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1014954" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-838" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-866" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-868" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-791.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/14921" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/15495" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-200-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/1824" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22824" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1272" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9784" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-09-23 19:03
Modified
2024-11-21 00:00
Severity ?
Summary
Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to execute arbitrary code via an XBM image file that ends in a large number of spaces instead of the expected end tag.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | firefox | * | |
mozilla | firefox | 1.0 | |
mozilla | firefox | 1.0.1 | |
mozilla | firefox | 1.0.2 | |
mozilla | firefox | 1.0.3 | |
mozilla | firefox | 1.0.4 | |
mozilla | firefox | 1.0.5 | |
mozilla | mozilla_suite | * | |
mozilla | mozilla_suite | 1.7.6 | |
mozilla | mozilla_suite | 1.7.7 | |
mozilla | mozilla_suite | 1.7.8 | |
mozilla | mozilla_suite | 1.7.10 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "B9216BBE-9C9B-40F6-BB64-D20072344A38", "versionEndIncluding": "1.0.6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "60B8BE80-E9C1-40AE-991C-437F10D81E28", "versionEndIncluding": "1.7.11", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to execute arbitrary code via an XBM image file that ends in a large number of spaces instead of the expected end tag." } ], "id": "CVE-2005-2701", "lastModified": "2024-11-21T00:00:11.210", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-09-23T19:03:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/16911" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/16917" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/16977" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17014" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17026" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17149" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17263" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17284" }, { "source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1014954" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-838" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-866" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-868" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html" }, { "source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html" }, { "source": "secalert@redhat.com", "url": "http://www.osvdb.org/19643" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/14916" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/15495" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-200-1" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2005/1824" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22373" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1480" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9323" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/16911" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/16917" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/16977" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17014" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17149" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17263" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17284" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1014954" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-838" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-866" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-868" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/19643" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/14916" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/15495" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-200-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/1824" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1480" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9323" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2006-04-14 10:02
Modified
2024-11-21 00:09
Severity ?
Summary
Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | firefox | * | |
mozilla | firefox | * | |
mozilla | mozilla_suite | * | |
mozilla | seamonkey | * | |
canonical | ubuntu_linux | 4.10 | |
canonical | ubuntu_linux | 5.04 | |
canonical | ubuntu_linux | 5.10 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F71241D-928E-43B4-82ED-5C27FEE1CDB2", "versionEndExcluding": "1.0.8", "versionStartIncluding": "1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "04455349-5186-4BF4-8EE1-F4852B806F47", "versionEndExcluding": "1.5.0.2", "versionStartIncluding": "1.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "F7DD4CED-138F-415C-9F00-583D92BB3C3E", "versionEndExcluding": "1.7.13", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "matchCriteriaId": "976B9AFA-0129-480B-B226-892CECD59287", "versionEndExcluding": "1.0.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*", "matchCriteriaId": "778A6957-455B-420A-BAAF-E7F88FF4FB1E", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*", "matchCriteriaId": "42E47538-08EE-4DC1-AC17-883C44CF77BB", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*", "matchCriteriaId": "0FA3A32E-445A-4D39-A8D5-75F5370AD23D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler." } ], "evaluatorSolution": "Fixed in: Firefox 1.5.0.2\r\n Firefox 1.0.8\r\n SeaMonkey 1.0.1\r\n Mozilla Suite 1.7.13", "id": "CVE-2006-1729", "lastModified": "2024-11-21T00:09:36.393", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2006-04-14T10:02:00.000", "references": [ { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19631" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19649" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19696" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19714" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19721" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19729" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19746" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19759" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19794" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19811" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19852" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19862" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19863" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19902" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19941" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21033" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21622" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/22066" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-23.html" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/17516" }, { "source": "secalert@redhat.com", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "secalert@redhat.com", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/3391" }, { "source": "secalert@redhat.com", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "source": "secalert@redhat.com", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25823" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10922" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1929" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/271-1/" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/275-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19631" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19649" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19696" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19714" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19746" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19759" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19794" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19811" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19862" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19863" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19902" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19941" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21033" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21622" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/22066" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-23.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/17516" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/3391" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25823" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10922" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1929" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/271-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/275-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2006-04-14 10:02
Modified
2024-11-21 00:09
Severity ?
Summary
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | firefox | 1.0 | |
mozilla | firefox | 1.0.1 | |
mozilla | firefox | 1.0.2 | |
mozilla | firefox | 1.0.3 | |
mozilla | firefox | 1.0.4 | |
mozilla | firefox | 1.0.5 | |
mozilla | firefox | 1.0.6 | |
mozilla | firefox | 1.0.7 | |
mozilla | firefox | 1.5 | |
mozilla | firefox | 1.5 | |
mozilla | firefox | 1.5 | |
mozilla | firefox | 1.5.0.1 | |
mozilla | mozilla_suite | 1.7.6 | |
mozilla | mozilla_suite | 1.7.7 | |
mozilla | mozilla_suite | 1.7.8 | |
mozilla | mozilla_suite | 1.7.10 | |
mozilla | mozilla_suite | 1.7.11 | |
mozilla | mozilla_suite | 1.7.12 | |
mozilla | seamonkey | 1.0 | |
mozilla | seamonkey | 1.0 | |
mozilla | thunderbird | 1.0 | |
mozilla | thunderbird | 1.0.1 | |
mozilla | thunderbird | 1.0.2 | |
mozilla | thunderbird | 1.0.3 | |
mozilla | thunderbird | 1.0.4 | |
mozilla | thunderbird | 1.0.5 | |
mozilla | thunderbird | 1.0.5 | |
mozilla | thunderbird | 1.0.6 | |
mozilla | thunderbird | 1.0.7 | |
mozilla | thunderbird | 1.5 | |
mozilla | thunderbird | 1.5 | |
mozilla | thunderbird | 1.5.0.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "B500EE6C-99DB-49A3-A1F1-AFFD7FE28068", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*", "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*", "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7D6BF5B1-86D1-47FE-9D9C-735718F94874", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*", "matchCriteriaId": "633B1DF5-FC67-428E-B4C7-9AC232F59FDC", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.12:*:*:*:*:*:*:*", "matchCriteriaId": "D8D3E5FB-C9AF-4908-A178-71294E8ACAF4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "D62F740C-706B-4290-AD92-3ECBC3D30768", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*", "matchCriteriaId": "CB01A97F-ACE1-4A99-8939-6DF8FE5B5E8E", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F0D56153-E20A-46D8-859E-A51E5C03D674", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "2C51A6F4-F88F-4BF2-BF71-5DC48559C085", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*", "matchCriteriaId": "379F6A73-B45F-4094-8167-4E929FFB1749", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "72B02389-0DCD-45BC-A09F-CB6B75940616", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*", "matchCriteriaId": "1A406214-29E5-4E13-B2E1-1CF72F1E60BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E6C169DA-26BC-42EE-817B-2F0685069495", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow." } ], "evaluatorSolution": "Fixed in: Firefox 1.5.0.2\r\n Firefox 1.0.8\r\n Thunderbird 1.5.0.2\r\n Thunderbird 1.0.8\r\n SeaMonkey 1.0.1\r\n Mozilla Suite 1.7.13", "id": "CVE-2006-1730", "lastModified": "2024-11-21T00:09:36.610", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2006-04-14T10:02:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "source": "secalert@redhat.com", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/19631" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/19649" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19696" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19714" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19721" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19729" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19746" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19759" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19780" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19794" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19811" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19821" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19823" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19852" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19862" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19863" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19902" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19941" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19950" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/20051" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21033" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/21622" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/22065" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/22066" }, { "source": "secalert@redhat.com", "url": "http://securityreason.com/securityalert/720" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1015915" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1015916" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1015917" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1015918" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/179014" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-22.html" }, { "source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/431060/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/17516" }, { "source": "secalert@redhat.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/3391" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-010.html" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25826" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10055" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1614" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/271-1/" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/275-1/" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/276-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/19631" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/19649" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19696" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19714" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19746" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19759" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19780" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19794" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19811" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19821" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19823" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19862" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19863" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19902" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19941" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21033" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/21622" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/22065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/22066" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/720" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1015915" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1015916" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1015917" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1015918" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/179014" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-22.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/431060/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/17516" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/3391" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-010.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25826" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1614" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/271-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/275-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/276-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-09-23 19:03
Modified
2024-11-21 00:00
Severity ?
Summary
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | firefox | * | |
mozilla | firefox | 1.0 | |
mozilla | firefox | 1.0.1 | |
mozilla | firefox | 1.0.2 | |
mozilla | firefox | 1.0.3 | |
mozilla | firefox | 1.0.4 | |
mozilla | firefox | 1.0.5 | |
mozilla | mozilla_suite | * | |
mozilla | mozilla_suite | 1.7.6 | |
mozilla | mozilla_suite | 1.7.7 | |
mozilla | mozilla_suite | 1.7.8 | |
mozilla | mozilla_suite | 1.7.10 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "B9216BBE-9C9B-40F6-BB64-D20072344A38", "versionEndIncluding": "1.0.6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "60B8BE80-E9C1-40AE-991C-437F10D81E28", "versionEndIncluding": "1.7.11", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting." } ], "id": "CVE-2005-2703", "lastModified": "2024-11-21T00:00:11.470", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-09-23T19:03:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/16911" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/16917" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/16977" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17014" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17026" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17042" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17090" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17149" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17263" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17284" }, { "source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1014954" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-838" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-866" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-868" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174" }, { "source": "secalert@redhat.com", "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html" }, { "source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2005-791.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/14923" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/15495" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-200-1" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2005/1824" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22376" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10767" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1089" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/16911" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/16917" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/16977" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17014" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17042" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17090" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17149" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17263" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17284" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1014954" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-838" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-866" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-868" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-791.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/14923" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/15495" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-200-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/1824" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22376" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10767" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1089" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-12-09 15:03
Modified
2024-11-21 00:03
Severity ?
Summary
Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
k-meleon_project | k-meleon | * | |
k-meleon_project | k-meleon | 0.7 | |
k-meleon_project | k-meleon | 0.7_service_pack_1 | |
k-meleon_project | k-meleon | 0.8 | |
k-meleon_project | k-meleon | 0.8.1 | |
k-meleon_project | k-meleon | 0.8.2 | |
mozilla | firefox | * | |
mozilla | mozilla_suite | * | |
netscape | navigator | * | |
netscape | navigator | 7.1 | |
netscape | navigator | 7.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:k-meleon_project:k-meleon:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC0A29B9-A7D3-4A5A-B21A-D701D0A10C76", "versionEndIncluding": "0.9", "vulnerable": true }, { "criteria": "cpe:2.3:a:k-meleon_project:k-meleon:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "328AFACF-FDA7-4FB5-A85E-4F349453301F", "vulnerable": true }, { "criteria": "cpe:2.3:a:k-meleon_project:k-meleon:0.7_service_pack_1:*:*:*:*:*:*:*", "matchCriteriaId": "ADCDD160-5239-47C5-AE7D-6060FB6E0037", "vulnerable": true }, { "criteria": "cpe:2.3:a:k-meleon_project:k-meleon:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "82A07303-9E74-4409-9853-8EC283734B64", "vulnerable": true }, { "criteria": "cpe:2.3:a:k-meleon_project:k-meleon:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "4C6CAF6A-4E33-444F-B2DF-A270428B8C9E", "vulnerable": true }, { "criteria": "cpe:2.3:a:k-meleon_project:k-meleon:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "9BD39C88-D4B7-4F7D-81AC-F99A143B82E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "2FC40790-BCBF-4609-A7DC-5659B2233B7B", "versionEndIncluding": "1.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF9D2443-9389-42B0-BF93-3ADC1B7325EC", "versionEndIncluding": "1.7.12", "vulnerable": true }, { "criteria": "cpe:2.3:a:netscape:navigator:*:*:*:*:*:*:*:*", "matchCriteriaId": "F337E57D-2918-4141-8842-A9D58DB922E5", "versionEndIncluding": "8.0.40", "vulnerable": true }, { "criteria": "cpe:2.3:a:netscape:navigator:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "4C1BC491-9C5A-46D5-B6C3-5A8E5A1A0AF3", "vulnerable": true }, { "criteria": "cpe:2.3:a:netscape:navigator:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "842CBD30-B4BA-4FCF-9152-9DBEBE59857C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue." } ], "evaluatorSolution": "This issue was fixed in K-Meleon version 0.9.12.", "id": "CVE-2005-4134", "lastModified": "2024-11-21T00:03:31.373", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-12-09T15:03:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=full-disclosure\u0026m=113404911919629\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=full-disclosure\u0026m=113405896025702\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17934" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17944" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17946" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18700" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18704" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18705" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18706" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18708" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18709" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19230" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19746" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19759" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19852" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19862" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19863" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19902" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19941" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/21033" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/21622" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1015328" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "cve@mitre.org", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:036" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:037" }, { "source": "cve@mitre.org", "url": "http://www.mozilla.org/security/announce/mfsa2006-03.html" }, { "source": "cve@mitre.org", "url": "http://www.mozilla.org/security/history-title.html" }, { "source": "cve@mitre.org", "url": "http://www.networksecurity.fi/advisories/netscape-history.html" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/21533" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00005.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00006.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2006-0199.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2006-0200.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/425975/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/425978/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/15773" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/16476" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2805" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/0413" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/3391" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11382" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1619" }, { "source": "cve@mitre.org", "url": "https://usn.ubuntu.com/271-1/" }, { "source": "cve@mitre.org", "url": "https://usn.ubuntu.com/275-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=full-disclosure\u0026m=113404911919629\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=full-disclosure\u0026m=113405896025702\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17934" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17944" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17946" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18700" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18704" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18705" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18706" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18708" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18709" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19746" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19759" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19862" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19863" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19902" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19941" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/21033" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/21622" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1015328" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:036" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mozilla.org/security/announce/mfsa2006-03.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mozilla.org/security/history-title.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.networksecurity.fi/advisories/netscape-history.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/21533" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0199.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0200.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/425975/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/425978/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/15773" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/16476" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2805" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/0413" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/3391" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11382" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1619" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/271-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/275-1/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2006-04-14 10:02
Modified
2024-11-21 00:09
Severity ?
Summary
The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | firefox | * | |
mozilla | firefox | 1.0 | |
mozilla | firefox | 1.0.1 | |
mozilla | firefox | 1.0.2 | |
mozilla | firefox | 1.0.3 | |
mozilla | firefox | 1.0.4 | |
mozilla | firefox | 1.0.5 | |
mozilla | firefox | 1.0.6 | |
mozilla | firefox | 1.5 | |
mozilla | firefox | 1.5 | |
mozilla | firefox | 1.5 | |
mozilla | mozilla_suite | * | |
mozilla | mozilla_suite | 1.7.6 | |
mozilla | mozilla_suite | 1.7.7 | |
mozilla | mozilla_suite | 1.7.8 | |
mozilla | mozilla_suite | 1.7.10 | |
mozilla | mozilla_suite | 1.7.11 | |
mozilla | seamonkey | * | |
mozilla | seamonkey | 1.0 | |
mozilla | thunderbird | * | |
mozilla | thunderbird | 1.0 | |
mozilla | thunderbird | 1.0.1 | |
mozilla | thunderbird | 1.0.2 | |
mozilla | thunderbird | 1.0.3 | |
mozilla | thunderbird | 1.0.4 | |
mozilla | thunderbird | 1.0.5 | |
mozilla | thunderbird | 1.0.5 | |
mozilla | thunderbird | 1.0.6 | |
mozilla | thunderbird | 1.5 | |
mozilla | thunderbird | 1.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "4461B287-CF95-44A0-8517-4423636CABBA", "versionEndIncluding": "1.0.7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*", "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*", "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF9D2443-9389-42B0-BF93-3ADC1B7325EC", "versionEndIncluding": "1.7.12", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*", "matchCriteriaId": "633B1DF5-FC67-428E-B4C7-9AC232F59FDC", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:*:beta:*:*:*:*:*:*", "matchCriteriaId": "5832619D-0D24-45AB-90ED-74FC96CF8436", "versionEndIncluding": "1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "D62F740C-706B-4290-AD92-3ECBC3D30768", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "A18B07F4-E46B-4BA9-BFBF-16754CD71C31", "versionEndIncluding": "1.0.7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F0D56153-E20A-46D8-859E-A51E5C03D674", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "2C51A6F4-F88F-4BF2-BF71-5DC48559C085", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*", "matchCriteriaId": "379F6A73-B45F-4094-8167-4E929FFB1749", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*", "matchCriteriaId": "1A406214-29E5-4E13-B2E1-1CF72F1E60BC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption." } ], "evaluatorSolution": "Fixed in: Firefox 1.5\r\n Firefox 1.0.8\r\n Thunderbird 1.5\r\n Thunderbird 1.0.8\r\n SeaMonkey 1.0\r\n Mozilla Suite 1.7.13", "id": "CVE-2006-1742", "lastModified": "2024-11-21T00:09:38.833", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2006-04-14T10:02:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "source": "secalert@redhat.com", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19631" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19696" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19714" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19721" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19729" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19746" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19759" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19780" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19794" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19811" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19823" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19852" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19862" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19863" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19902" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19941" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19950" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/20051" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/21033" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/21622" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" }, { "source": "secalert@redhat.com", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/492382" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "source": "secalert@redhat.com", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-10.html" }, { "source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25807" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1087" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11808" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/271-1/" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/275-1/" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/276-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19631" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19696" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19714" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19746" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19759" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19780" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19794" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19811" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19823" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19862" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19863" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19902" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19941" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/21033" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/21622" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/492382" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-10.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25807" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1087" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11808" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/271-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/275-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/276-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-09-23 19:03
Modified
2024-11-21 00:00
Severity ?
Summary
Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote attackers to execute Javascript with chrome privileges via an about: page such as about:mozilla.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | firefox | * | |
mozilla | firefox | 1.0 | |
mozilla | firefox | 1.0.1 | |
mozilla | firefox | 1.0.2 | |
mozilla | firefox | 1.0.3 | |
mozilla | firefox | 1.0.4 | |
mozilla | firefox | 1.0.5 | |
mozilla | mozilla_suite | * | |
mozilla | mozilla_suite | 1.7.6 | |
mozilla | mozilla_suite | 1.7.7 | |
mozilla | mozilla_suite | 1.7.8 | |
mozilla | mozilla_suite | 1.7.10 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "B9216BBE-9C9B-40F6-BB64-D20072344A38", "versionEndIncluding": "1.0.6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "60B8BE80-E9C1-40AE-991C-437F10D81E28", "versionEndIncluding": "1.7.11", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote attackers to execute Javascript with chrome privileges via an about: page such as about:mozilla." } ], "id": "CVE-2005-2706", "lastModified": "2024-11-21T00:00:11.867", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-09-23T19:03:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/16911" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/16917" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/16977" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17014" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17026" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17042" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17090" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17149" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17263" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/17284" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19823" }, { "source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1014954" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-838" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-866" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-868" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174" }, { "source": "secalert@redhat.com", "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html" }, { "source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html" }, { "source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" }, { "source": "secalert@redhat.com", "url": "http://www.osvdb.org/19648" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2005-791.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/14920" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/15495" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-200-1" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2005/1824" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22378" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11317" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1443" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/16911" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/16917" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/16977" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17014" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17042" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17090" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17149" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17263" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17284" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19823" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1014954" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-838" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-866" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-868" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/19648" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-791.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/14920" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/15495" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-200-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/1824" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22378" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11317" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1443" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2006-04-14 18:02
Modified
2024-11-21 00:09
Severity ?
Summary
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | firefox | 1.0 | |
mozilla | firefox | 1.0.1 | |
mozilla | firefox | 1.0.2 | |
mozilla | firefox | 1.0.3 | |
mozilla | firefox | 1.0.4 | |
mozilla | firefox | 1.0.5 | |
mozilla | firefox | 1.0.6 | |
mozilla | firefox | 1.0.7 | |
mozilla | firefox | 1.5 | |
mozilla | firefox | 1.5 | |
mozilla | firefox | 1.5 | |
mozilla | mozilla_suite | 1.7.6 | |
mozilla | mozilla_suite | 1.7.7 | |
mozilla | mozilla_suite | 1.7.8 | |
mozilla | mozilla_suite | 1.7.10 | |
mozilla | mozilla_suite | 1.7.11 | |
mozilla | mozilla_suite | 1.7.12 | |
mozilla | seamonkey | 1.0 | |
mozilla | seamonkey | 1.0 | |
mozilla | thunderbird | 1.0 | |
mozilla | thunderbird | 1.0.1 | |
mozilla | thunderbird | 1.0.2 | |
mozilla | thunderbird | 1.0.3 | |
mozilla | thunderbird | 1.0.4 | |
mozilla | thunderbird | 1.0.5 | |
mozilla | thunderbird | 1.0.5 | |
mozilla | thunderbird | 1.0.6 | |
mozilla | thunderbird | 1.0.7 | |
mozilla | thunderbird | 1.5 | |
mozilla | thunderbird | 1.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "B500EE6C-99DB-49A3-A1F1-AFFD7FE28068", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*", "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*", "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*", "matchCriteriaId": "633B1DF5-FC67-428E-B4C7-9AC232F59FDC", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.12:*:*:*:*:*:*:*", "matchCriteriaId": "D8D3E5FB-C9AF-4908-A178-71294E8ACAF4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "D62F740C-706B-4290-AD92-3ECBC3D30768", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*", "matchCriteriaId": "CB01A97F-ACE1-4A99-8939-6DF8FE5B5E8E", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F0D56153-E20A-46D8-859E-A51E5C03D674", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "2C51A6F4-F88F-4BF2-BF71-5DC48559C085", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*", "matchCriteriaId": "379F6A73-B45F-4094-8167-4E929FFB1749", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "72B02389-0DCD-45BC-A09F-CB6B75940616", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*", "matchCriteriaId": "1A406214-29E5-4E13-B2E1-1CF72F1E60BC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression." } ], "id": "CVE-2006-1737", "lastModified": "2024-11-21T00:09:37.933", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2006-04-14T18:02:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "source": "secalert@redhat.com", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19631" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19696" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19714" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19721" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19729" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19746" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19759" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19780" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19794" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19811" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19821" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19823" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19852" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19862" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19863" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19902" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19941" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19950" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/20051" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/21033" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/21622" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" }, { "source": "secalert@redhat.com", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/329500" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-11.html" }, { "source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/17516" }, { "source": "secalert@redhat.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25808" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10817" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1829" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/271-1/" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/275-1/" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/276-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19631" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19696" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19714" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19746" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19759" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19780" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19794" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19811" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19821" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19823" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19862" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19863" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19902" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19941" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/21033" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/21622" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/329500" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-11.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/17516" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25808" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10817" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1829" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/271-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/275-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/276-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2006-04-14 10:02
Modified
2024-11-21 00:09
Severity ?
Summary
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute arbitrary code via the (1) valueOf.call or (2) valueOf.apply methods of an XBL binding, or (3) "by inserting an XBL method into the DOM's document.body prototype chain."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | firefox | * | |
mozilla | firefox | 1.0 | |
mozilla | firefox | 1.0.1 | |
mozilla | firefox | 1.0.2 | |
mozilla | firefox | 1.0.3 | |
mozilla | firefox | 1.0.4 | |
mozilla | firefox | 1.0.5 | |
mozilla | firefox | 1.0.6 | |
mozilla | firefox | 1.5 | |
mozilla | firefox | 1.5 | |
mozilla | firefox | 1.5 | |
mozilla | mozilla_suite | * | |
mozilla | mozilla_suite | 1.7.6 | |
mozilla | mozilla_suite | 1.7.7 | |
mozilla | mozilla_suite | 1.7.8 | |
mozilla | mozilla_suite | 1.7.10 | |
mozilla | mozilla_suite | 1.7.11 | |
mozilla | seamonkey | * | |
mozilla | seamonkey | 1.0 | |
mozilla | thunderbird | * | |
mozilla | thunderbird | 1.0 | |
mozilla | thunderbird | 1.0.1 | |
mozilla | thunderbird | 1.0.2 | |
mozilla | thunderbird | 1.0.3 | |
mozilla | thunderbird | 1.0.4 | |
mozilla | thunderbird | 1.0.5 | |
mozilla | thunderbird | 1.0.5 | |
mozilla | thunderbird | 1.0.6 | |
mozilla | thunderbird | 1.5 | |
mozilla | thunderbird | 1.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "4461B287-CF95-44A0-8517-4423636CABBA", "versionEndIncluding": "1.0.7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*", "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*", "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF9D2443-9389-42B0-BF93-3ADC1B7325EC", "versionEndIncluding": "1.7.12", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*", "matchCriteriaId": "633B1DF5-FC67-428E-B4C7-9AC232F59FDC", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:*:beta:*:*:*:*:*:*", "matchCriteriaId": "5832619D-0D24-45AB-90ED-74FC96CF8436", "versionEndIncluding": "1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "D62F740C-706B-4290-AD92-3ECBC3D30768", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "A18B07F4-E46B-4BA9-BFBF-16754CD71C31", "versionEndIncluding": "1.0.7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F0D56153-E20A-46D8-859E-A51E5C03D674", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "2C51A6F4-F88F-4BF2-BF71-5DC48559C085", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*", "matchCriteriaId": "379F6A73-B45F-4094-8167-4E929FFB1749", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*", "matchCriteriaId": "1A406214-29E5-4E13-B2E1-1CF72F1E60BC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute arbitrary code via the (1) valueOf.call or (2) valueOf.apply methods of an XBL binding, or (3) \"by inserting an XBL method into the DOM\u0027s document.body prototype chain.\"" } ], "evaluatorSolution": "This vulnerability also affects Mozilla, SeaMonkey, 1.0 and Mozilla, Suite, 1.7.13\r\n\r\nThis vulnerabiloity is addressed in the following product releases:\r\nMozilla, Firefox, 1.5\r\nMozilla, Firefox, 1.0.8\r\nMozilla, Thunderbird, 1.5\r\nMozilla, Thunderbird, 1.0.8\r\nMozilla, SeaMonkey, 1.0\r\nMozilla, Suite, 1.7.13\r\n", "id": "CVE-2006-1733", "lastModified": "2024-11-21T00:09:37.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2006-04-14T10:02:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "source": "secalert@redhat.com", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19631" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19696" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19714" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19721" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19729" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19746" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19759" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19780" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19794" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19811" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19821" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19823" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19852" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19862" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19863" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19902" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19941" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19950" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/20051" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21033" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21622" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" }, { "source": "secalert@redhat.com", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/488774" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-16.html" }, { "source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/17516" }, { "source": "secalert@redhat.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25817" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10815" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2020" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/271-1/" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/275-1/" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/276-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19631" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19696" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19714" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19746" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19759" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19780" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19794" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19811" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19821" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19823" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19862" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19863" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19902" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19941" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21033" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21622" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/488774" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-16.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/17516" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25817" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10815" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2020" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/271-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/275-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/276-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2006-04-14 10:02
Modified
2024-11-21 00:09
Severity ?
Summary
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | firefox | * | |
mozilla | firefox | 1.0 | |
mozilla | firefox | 1.0.1 | |
mozilla | firefox | 1.0.2 | |
mozilla | firefox | 1.0.3 | |
mozilla | firefox | 1.0.4 | |
mozilla | firefox | 1.0.5 | |
mozilla | firefox | 1.0.6 | |
mozilla | firefox | 1.5 | |
mozilla | firefox | 1.5 | |
mozilla | firefox | 1.5 | |
mozilla | mozilla_suite | * | |
mozilla | mozilla_suite | 1.7.6 | |
mozilla | mozilla_suite | 1.7.7 | |
mozilla | mozilla_suite | 1.7.8 | |
mozilla | mozilla_suite | 1.7.10 | |
mozilla | mozilla_suite | 1.7.11 | |
mozilla | seamonkey | * | |
mozilla | seamonkey | 1.0 | |
mozilla | thunderbird | * | |
mozilla | thunderbird | 1.0 | |
mozilla | thunderbird | 1.0.1 | |
mozilla | thunderbird | 1.0.2 | |
mozilla | thunderbird | 1.0.3 | |
mozilla | thunderbird | 1.0.4 | |
mozilla | thunderbird | 1.0.5 | |
mozilla | thunderbird | 1.0.5 | |
mozilla | thunderbird | 1.0.6 | |
mozilla | thunderbird | 1.5 | |
mozilla | thunderbird | 1.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "4461B287-CF95-44A0-8517-4423636CABBA", "versionEndIncluding": "1.0.7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*", "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*", "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF9D2443-9389-42B0-BF93-3ADC1B7325EC", "versionEndIncluding": "1.7.12", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*", "matchCriteriaId": "633B1DF5-FC67-428E-B4C7-9AC232F59FDC", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:*:beta:*:*:*:*:*:*", "matchCriteriaId": "5832619D-0D24-45AB-90ED-74FC96CF8436", "versionEndIncluding": "1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "D62F740C-706B-4290-AD92-3ECBC3D30768", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "A18B07F4-E46B-4BA9-BFBF-16754CD71C31", "versionEndIncluding": "1.0.7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F0D56153-E20A-46D8-859E-A51E5C03D674", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "2C51A6F4-F88F-4BF2-BF71-5DC48559C085", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*", "matchCriteriaId": "379F6A73-B45F-4094-8167-4E929FFB1749", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*", "matchCriteriaId": "1A406214-29E5-4E13-B2E1-1CF72F1E60BC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site." } ], "evaluatorSolution": "Fixed in: Firefox 1.5\r\n Firefox 1.0.8\r\n SeaMonkey 1.0\r\n Mozilla Suite 1.7.13", "id": "CVE-2006-1740", "lastModified": "2024-11-21T00:09:38.480", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2006-04-14T10:02:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "source": "secalert@redhat.com", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19631" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19696" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19714" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19721" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19729" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19746" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19759" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19794" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19811" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19852" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19862" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19863" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19902" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19941" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/21033" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/21622" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "source": "secalert@redhat.com", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-12.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/17516" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=271194" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25813" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10424" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1811" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/271-1/" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/275-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19631" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19696" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19714" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19746" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19759" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19794" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19811" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19862" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19863" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19902" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19941" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/21033" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/21622" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-12.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/17516" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=271194" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25813" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10424" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1811" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/271-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/275-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2006-04-14 10:02
Modified
2024-11-21 00:09
Severity ?
Summary
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to the use of XBL scripts with "Print Preview".
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | firefox | * | |
mozilla | firefox | * | |
mozilla | mozilla_suite | * | |
mozilla | seamonkey | * | |
mozilla | thunderbird | * | |
mozilla | thunderbird | * | |
canonical | ubuntu_linux | 4.10 | |
canonical | ubuntu_linux | 5.04 | |
canonical | ubuntu_linux | 5.10 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F71241D-928E-43B4-82ED-5C27FEE1CDB2", "versionEndExcluding": "1.0.8", "versionStartIncluding": "1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "04455349-5186-4BF4-8EE1-F4852B806F47", "versionEndExcluding": "1.5.0.2", "versionStartIncluding": "1.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "F7DD4CED-138F-415C-9F00-583D92BB3C3E", "versionEndExcluding": "1.7.13", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "matchCriteriaId": "976B9AFA-0129-480B-B226-892CECD59287", "versionEndExcluding": "1.0.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A088F32-0EA7-465D-A648-9802F9B6164C", "versionEndExcluding": "1.0.8", "versionStartIncluding": "1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "430C1B3A-9CE4-485A-B8DA-F7230E58F137", "versionEndExcluding": "1.5.0.2", "versionStartIncluding": "1.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*", "matchCriteriaId": "778A6957-455B-420A-BAAF-E7F88FF4FB1E", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*", "matchCriteriaId": "42E47538-08EE-4DC1-AC17-883C44CF77BB", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*", "matchCriteriaId": "0FA3A32E-445A-4D39-A8D5-75F5370AD23D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to the use of XBL scripts with \"Print Preview\"." } ], "evaluatorSolution": "Fixed in: Firefox 1.5.0.2\r\n Firefox 1.0.8\r\n Thunderbird 1.5.0.2\r\n Thunderbird 1.0.8\r\n SeaMonkey 1.0.1\r\n Mozilla Suite 1.7.13", "id": "CVE-2006-1727", "lastModified": "2024-11-21T00:09:35.930", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2006-04-14T10:02:00.000", "references": [ { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19631" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19649" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19696" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19714" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19721" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19729" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19746" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19759" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19780" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19811" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19821" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19823" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19852" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19862" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19863" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19902" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19941" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19950" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/20051" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21033" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21622" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/22065" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/22066" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1015926" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1015927" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1015928" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1015929" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-25.html" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/17516" }, { "source": "secalert@redhat.com", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "secalert@redhat.com", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/3391" }, { "source": "secalert@redhat.com", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "source": "secalert@redhat.com", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "source": "secalert@redhat.com", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25824" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10364" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1649" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/271-1/" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/275-1/" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/276-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19631" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19649" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19696" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19714" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19746" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19759" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19780" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19811" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19821" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19823" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19862" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19863" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19902" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19941" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/19950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/20051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21033" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21622" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/22065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/22066" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1015926" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1015927" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1015928" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1015929" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/17516" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/3391" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25824" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10364" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1649" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/271-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/275-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/276-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2006-04-14 10:02
Modified
2024-11-21 00:09
Severity ?
Summary
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to trick users into downloading and saving an executable file via an image that is overlaid by a transparent image link that points to the executable, which causes the executable to be saved when the user clicks the "Save image as..." option. NOTE: this attack is made easier due to a GUI truncation issue that prevents the user from seeing the malicious extension when there is extra whitespace in the filename.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | firefox | * | |
mozilla | firefox | 1.0 | |
mozilla | firefox | 1.0.1 | |
mozilla | firefox | 1.0.2 | |
mozilla | firefox | 1.0.3 | |
mozilla | firefox | 1.0.4 | |
mozilla | firefox | 1.0.5 | |
mozilla | firefox | 1.0.6 | |
mozilla | firefox | 1.5 | |
mozilla | firefox | 1.5 | |
mozilla | firefox | 1.5 | |
mozilla | mozilla_suite | * | |
mozilla | mozilla_suite | 1.7.6 | |
mozilla | mozilla_suite | 1.7.7 | |
mozilla | mozilla_suite | 1.7.8 | |
mozilla | mozilla_suite | 1.7.10 | |
mozilla | mozilla_suite | 1.7.11 | |
mozilla | seamonkey | * | |
mozilla | seamonkey | 1.0 | |
mozilla | thunderbird | * | |
mozilla | thunderbird | 1.0 | |
mozilla | thunderbird | 1.0.1 | |
mozilla | thunderbird | 1.0.2 | |
mozilla | thunderbird | 1.0.3 | |
mozilla | thunderbird | 1.0.4 | |
mozilla | thunderbird | 1.0.5 | |
mozilla | thunderbird | 1.0.5 | |
mozilla | thunderbird | 1.0.6 | |
mozilla | thunderbird | 1.5 | |
mozilla | thunderbird | 1.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "4461B287-CF95-44A0-8517-4423636CABBA", "versionEndIncluding": "1.0.7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*", "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*", "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF9D2443-9389-42B0-BF93-3ADC1B7325EC", "versionEndIncluding": "1.7.12", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*", "matchCriteriaId": "633B1DF5-FC67-428E-B4C7-9AC232F59FDC", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:*:beta:*:*:*:*:*:*", "matchCriteriaId": "5832619D-0D24-45AB-90ED-74FC96CF8436", "versionEndIncluding": "1.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "D62F740C-706B-4290-AD92-3ECBC3D30768", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "A18B07F4-E46B-4BA9-BFBF-16754CD71C31", "versionEndIncluding": "1.0.7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F0D56153-E20A-46D8-859E-A51E5C03D674", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "2C51A6F4-F88F-4BF2-BF71-5DC48559C085", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*", "matchCriteriaId": "379F6A73-B45F-4094-8167-4E929FFB1749", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*", "matchCriteriaId": "1A406214-29E5-4E13-B2E1-1CF72F1E60BC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to trick users into downloading and saving an executable file via an image that is overlaid by a transparent image link that points to the executable, which causes the executable to be saved when the user clicks the \"Save image as...\" option. NOTE: this attack is made easier due to a GUI truncation issue that prevents the user from seeing the malicious extension when there is extra whitespace in the filename." } ], "evaluatorSolution": "Fixed in: Firefox 1.5\r\n Firefox 1.0.8\r\n SeaMonkey 1.0\r\n Mozilla Suite 1.7.13", "id": "CVE-2006-1736", "lastModified": "2024-11-21T00:09:37.787", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2006-04-14T10:02:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "secalert@redhat.com", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19631" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19721" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19746" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19759" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19794" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19852" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19862" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19863" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19902" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19941" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/21033" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/21622" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "source": "secalert@redhat.com", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-13.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/17516" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=293527" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25814" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1548" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/271-1/" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/275-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19631" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19746" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19759" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19794" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19862" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19863" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19902" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19941" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/21033" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/21622" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1044" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-13.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/17516" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=293527" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25814" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1548" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/271-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/275-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2006-04-14 18:02
Modified
2024-11-21 00:09
Severity ?
Summary
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) by changing the (1) -moz-grid and (2) -moz-grid-group display styles.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | firefox | 1.0 | |
mozilla | firefox | 1.0.1 | |
mozilla | firefox | 1.0.2 | |
mozilla | firefox | 1.0.3 | |
mozilla | firefox | 1.0.4 | |
mozilla | firefox | 1.0.5 | |
mozilla | firefox | 1.0.6 | |
mozilla | firefox | 1.0.7 | |
mozilla | firefox | 1.5 | |
mozilla | firefox | 1.5 | |
mozilla | mozilla_suite | 1.7.6 | |
mozilla | mozilla_suite | 1.7.7 | |
mozilla | mozilla_suite | 1.7.8 | |
mozilla | mozilla_suite | 1.7.10 | |
mozilla | mozilla_suite | 1.7.11 | |
mozilla | mozilla_suite | 1.7.12 | |
mozilla | seamonkey | 1.0 | |
mozilla | seamonkey | 1.0 | |
mozilla | thunderbird | 1.0 | |
mozilla | thunderbird | 1.0.1 | |
mozilla | thunderbird | 1.0.2 | |
mozilla | thunderbird | 1.0.3 | |
mozilla | thunderbird | 1.0.4 | |
mozilla | thunderbird | 1.0.5 | |
mozilla | thunderbird | 1.0.5 | |
mozilla | thunderbird | 1.0.6 | |
mozilla | thunderbird | 1.0.7 | |
mozilla | thunderbird | 1.5 | |
mozilla | thunderbird | 1.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "B500EE6C-99DB-49A3-A1F1-AFFD7FE28068", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*", "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*", "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*", "matchCriteriaId": "633B1DF5-FC67-428E-B4C7-9AC232F59FDC", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.12:*:*:*:*:*:*:*", "matchCriteriaId": "D8D3E5FB-C9AF-4908-A178-71294E8ACAF4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "D62F740C-706B-4290-AD92-3ECBC3D30768", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*", "matchCriteriaId": "CB01A97F-ACE1-4A99-8939-6DF8FE5B5E8E", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F0D56153-E20A-46D8-859E-A51E5C03D674", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "2C51A6F4-F88F-4BF2-BF71-5DC48559C085", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*", "matchCriteriaId": "379F6A73-B45F-4094-8167-4E929FFB1749", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "72B02389-0DCD-45BC-A09F-CB6B75940616", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*",