Vulnerabilites related to mozilla - mozilla_suite
Vulnerability from fkie_nvd
Published
2005-09-23 19:03
Modified
2024-11-21 00:00
Severity ?
Summary
Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
secalert@redhat.comhttp://secunia.com/advisories/16911
secalert@redhat.comhttp://secunia.com/advisories/16917
secalert@redhat.comhttp://secunia.com/advisories/16977
secalert@redhat.comhttp://secunia.com/advisories/17014
secalert@redhat.comhttp://secunia.com/advisories/17026
secalert@redhat.comhttp://secunia.com/advisories/17042
secalert@redhat.comhttp://secunia.com/advisories/17090
secalert@redhat.comhttp://secunia.com/advisories/17149
secalert@redhat.comhttp://secunia.com/advisories/17263
secalert@redhat.comhttp://secunia.com/advisories/17284
secalert@redhat.comhttp://securitytracker.com/id?1014954
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-838
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-866
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-868
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:169
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:170
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:174
secalert@redhat.comhttp://www.mozilla.org/security/announce/mfsa2005-58.html
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2005_58_mozilla.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2005-785.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2005-789.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2005-791.html
secalert@redhat.comhttp://www.securityfocus.com/bid/14917
secalert@redhat.comhttp://www.securityfocus.com/bid/15495
secalert@redhat.comhttp://www.ubuntu.com/usn/usn-200-1
secalert@redhat.comhttp://www.vupen.com/english/advisories/2005/1824
secalert@redhat.comhttps://bugzilla.mozilla.org/show_bug.cgi?id=303213
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/22377
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10367
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1307
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/16911
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/16917
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/16977
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17014
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17026
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17042
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17090
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17149
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17263
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17284
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1014954
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-838
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-866
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-868
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:169
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:170
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:174
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/mfsa2005-58.html
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2005_58_mozilla.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-785.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-789.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-791.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/14917
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/15495
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-200-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/1824
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=303213
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/22377
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10367
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1307



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9216BBE-9C9B-40F6-BB64-D20072344A38",
              "versionEndIncluding": "1.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "60B8BE80-E9C1-40AE-991C-437F10D81E28",
              "versionEndIncluding": "1.7.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code."
    }
  ],
  "id": "CVE-2005-2705",
  "lastModified": "2024-11-21T00:00:11.740",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-09-23T19:03:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/16911"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/16917"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/16977"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17014"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17026"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17042"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17090"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17149"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17263"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17284"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1014954"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-838"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-866"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-868"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-791.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/14917"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/15495"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-200-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2005/1824"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=303213"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22377"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10367"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1307"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/16911"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/16917"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/16977"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17014"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17042"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17090"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17149"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17263"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17284"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1014954"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-838"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-866"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-868"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-791.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/14917"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/15495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-200-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/1824"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=303213"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10367"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1307"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2006-04-14 10:02
Modified
2024-11-21 00:09
Severity ?
Summary
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to DHTML.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txtThird Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19631Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19649Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19696Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19714Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19780Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19863Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19941Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/21033Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/21622Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/22065Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/22066Third Party Advisory
secalert@redhat.comhttp://securitytracker.com/id?1015919Third Party Advisory, VDB Entry
secalert@redhat.comhttp://securitytracker.com/id?1015920Third Party Advisory, VDB Entry
secalert@redhat.comhttp://securitytracker.com/id?1015921Third Party Advisory, VDB Entry
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1Broken Link
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1Broken Link
secalert@redhat.comhttp://support.avaya.com/elmodocs2/security/ASA-2006-205.htmThird Party Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1046Third Party Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1051Third Party Advisory
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/350262Third Party Advisory, US Government Resource
secalert@redhat.comhttp://www.mozilla.org/security/announce/2006/mfsa2006-20.htmlVendor Advisory
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.htmlThird Party Advisory
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.htmlThird Party Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0328.htmlThird Party Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0330.htmlThird Party Advisory
secalert@redhat.comhttp://www.securityfocus.com/archive/1/434524/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/434524/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/436338/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/446657/100/200/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/446657/100/200/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/446658/100/200/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/446658/100/200/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/17516Third Party Advisory, VDB Entry
secalert@redhat.comhttp://www.us-cert.gov/cas/techalerts/TA06-107A.htmlThird Party Advisory, US Government Resource
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/1356Permissions Required, Third Party Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/3748Permissions Required, Third Party Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/3749Permissions Required, Third Party Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/0083Permissions Required, Third Party Advisory
secalert@redhat.comhttps://bugzilla.mozilla.org/show_bug.cgi?id=282105Issue Tracking, Vendor Advisory
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10243Third Party Advisory
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1901Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txtThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19631Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19649Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19696Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19714Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19780Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19863Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19941Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21033Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21622Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22065Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22066Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015919Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015920Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015921Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1Broken Link
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1Broken Link
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2006-205.htmThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1046Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1051Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/350262Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2006/mfsa2006-20.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0328.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0330.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/434524/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/434524/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436338/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/446657/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/446657/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/446658/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/446658/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/17516Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA06-107A.htmlThird Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/1356Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/3748Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/3749Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0083Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=282105Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10243Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1901Third Party Advisory



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F71241D-928E-43B4-82ED-5C27FEE1CDB2",
              "versionEndExcluding": "1.0.8",
              "versionStartIncluding": "1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04455349-5186-4BF4-8EE1-F4852B806F47",
              "versionEndExcluding": "1.5.0.2",
              "versionStartIncluding": "1.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7DD4CED-138F-415C-9F00-583D92BB3C3E",
              "versionEndExcluding": "1.7.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "976B9AFA-0129-480B-B226-892CECD59287",
              "versionEndExcluding": "1.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A088F32-0EA7-465D-A648-9802F9B6164C",
              "versionEndExcluding": "1.0.8",
              "versionStartIncluding": "1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "430C1B3A-9CE4-485A-B8DA-F7230E58F137",
              "versionEndExcluding": "1.5.0.2",
              "versionStartIncluding": "1.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to DHTML."
    }
  ],
  "evaluatorSolution": "Fixed in: \r\n  Firefox 1.5.0.2\r\n  Thunderbird 1.5.0.2\r\n  SeaMonkey 1.0.1",
  "id": "CVE-2006-1724",
  "lastModified": "2024-11-21T00:09:35.427",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-04-14T10:02:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19649"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19696"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19714"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19780"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/22065"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/22066"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1015919"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1015920"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1015921"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/350262"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-20.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3748"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3749"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0083"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=282105"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10243"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1901"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19649"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19714"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19780"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/22065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/22066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1015919"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1015920"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1015921"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/350262"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-20.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3748"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3749"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=282105"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10243"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1901"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2006-04-14 10:02
Modified
2024-11-21 00:09
Severity ?
Summary
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
secalert@redhat.comhttp://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
secalert@redhat.comhttp://secunia.com/advisories/19631
secalert@redhat.comhttp://secunia.com/advisories/19696
secalert@redhat.comhttp://secunia.com/advisories/19714Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19721Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19729
secalert@redhat.comhttp://secunia.com/advisories/19746Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19759
secalert@redhat.comhttp://secunia.com/advisories/19780
secalert@redhat.comhttp://secunia.com/advisories/19794
secalert@redhat.comhttp://secunia.com/advisories/19811Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19821
secalert@redhat.comhttp://secunia.com/advisories/19823Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19852Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19862Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19863Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19902Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19941Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19950Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/20051
secalert@redhat.comhttp://secunia.com/advisories/21033Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/21622Vendor Advisory
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
secalert@redhat.comhttp://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1044
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1046
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1051
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/813230US Government Resource
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:075
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:076
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:078
secalert@redhat.comhttp://www.mozilla.org/security/announce/2006/mfsa2006-14.htmlExploit
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2006_04_25.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0328.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0329.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0330.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/434524/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/434524/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/436296/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/436338/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/438730/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/438730/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/17516
secalert@redhat.comhttp://www.us-cert.gov/cas/techalerts/TA06-107A.htmlUS Government Resource
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/1356
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/25815
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1037
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10930
secalert@redhat.comhttps://usn.ubuntu.com/271-1/
secalert@redhat.comhttps://usn.ubuntu.com/275-1/
secalert@redhat.comhttps://usn.ubuntu.com/276-1/
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19631
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19696
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19714Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19721Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19729
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19746Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19759
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19780
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19794
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19811Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19821
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19823Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19852Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19862Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19863Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19902Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19941Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19950Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20051
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21033Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21622Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1044
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1046
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1051
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/813230US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:075
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:078
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2006/mfsa2006-14.htmlExploit
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2006_04_25.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0328.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0329.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0330.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/434524/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/434524/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436296/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436338/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/17516
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA06-107A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/1356
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/25815
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1037
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10930
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/271-1/
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/275-1/
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/276-1/



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4461B287-CF95-44A0-8517-4423636CABBA",
              "versionEndIncluding": "1.0.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9D2443-9389-42B0-BF93-3ADC1B7325EC",
              "versionEndIncluding": "1.7.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "633B1DF5-FC67-428E-B4C7-9AC232F59FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:*:beta:*:*:*:*:*:*",
              "matchCriteriaId": "5832619D-0D24-45AB-90ED-74FC96CF8436",
              "versionEndIncluding": "1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "D62F740C-706B-4290-AD92-3ECBC3D30768",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A18B07F4-E46B-4BA9-BFBF-16754CD71C31",
              "versionEndIncluding": "1.0.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0D56153-E20A-46D8-859E-A51E5C03D674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C51A6F4-F88F-4BF2-BF71-5DC48559C085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*",
              "matchCriteriaId": "379F6A73-B45F-4094-8167-4E929FFB1749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "1A406214-29E5-4E13-B2E1-1CF72F1E60BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges."
    }
  ],
  "evaluatorSolution": "Fixed in: Firefox 1.5\r\n  Firefox 1.0.8\r\n  Thunderbird 1.5\r\n  Thunderbird 1.0.8\r\n  SeaMonkey 1.0\r\n  Mozilla Suite 1.7.13",
  "id": "CVE-2006-1735",
  "lastModified": "2024-11-21T00:09:37.593",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2006-04-14T10:02:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19696"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19714"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19729"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19780"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19794"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19821"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19823"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19950"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/20051"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/813230"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-14.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25815"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1037"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10930"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/275-1/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/276-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19714"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19780"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19794"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19821"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19823"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/813230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-14.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25815"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/275-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/276-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-09-23 19:03
Modified
2024-11-21 00:00
Severity ?
Summary
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spoof DOM objects via an XBL control that implements an internal XPCOM interface.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
secalert@redhat.comhttp://secunia.com/advisories/16911
secalert@redhat.comhttp://secunia.com/advisories/16917
secalert@redhat.comhttp://secunia.com/advisories/16977
secalert@redhat.comhttp://secunia.com/advisories/17014
secalert@redhat.comhttp://secunia.com/advisories/17026
secalert@redhat.comhttp://secunia.com/advisories/17042
secalert@redhat.comhttp://secunia.com/advisories/17090
secalert@redhat.comhttp://secunia.com/advisories/17149
secalert@redhat.comhttp://secunia.com/advisories/17263
secalert@redhat.comhttp://secunia.com/advisories/17284
secalert@redhat.comhttp://securitytracker.com/id?1014954
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-838
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-866
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-868
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:169
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:170
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:174
secalert@redhat.comhttp://www.mozilla.org/security/announce/mfsa2005-58.htmlVendor Advisory
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2005_58_mozilla.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2005-785.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2005-789.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2005-791.html
secalert@redhat.comhttp://www.securityfocus.com/bid/14921
secalert@redhat.comhttp://www.securityfocus.com/bid/15495
secalert@redhat.comhttp://www.ubuntu.com/usn/usn-200-1
secalert@redhat.comhttp://www.vupen.com/english/advisories/2005/1824
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/22824
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1272
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9784
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/16911
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/16917
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/16977
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17014
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17026
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17042
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17090
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17149
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17263
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17284
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1014954
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-838
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-866
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-868
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:169
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:170
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:174
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/mfsa2005-58.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2005_58_mozilla.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-785.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-789.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-791.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/14921
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/15495
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-200-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/1824
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/22824
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1272
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9784



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9216BBE-9C9B-40F6-BB64-D20072344A38",
              "versionEndIncluding": "1.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "60B8BE80-E9C1-40AE-991C-437F10D81E28",
              "versionEndIncluding": "1.7.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spoof DOM objects via an XBL control that implements an internal XPCOM interface."
    }
  ],
  "id": "CVE-2005-2704",
  "lastModified": "2024-11-21T00:00:11.610",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-09-23T19:03:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/16911"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/16917"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/16977"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17014"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17026"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17042"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17090"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17149"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17263"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17284"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1014954"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-838"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-866"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-868"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-791.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/14921"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/15495"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-200-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2005/1824"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22824"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1272"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9784"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/16911"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/16917"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/16977"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17014"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17042"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17090"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17149"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17263"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17284"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1014954"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-838"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-866"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-868"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-791.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/14921"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/15495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-200-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/1824"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22824"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1272"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9784"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-09-23 19:03
Modified
2024-11-21 00:00
Severity ?
Summary
Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to execute arbitrary code via an XBM image file that ends in a large number of spaces instead of the expected end tag.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
secalert@redhat.comhttp://secunia.com/advisories/16911
secalert@redhat.comhttp://secunia.com/advisories/16917
secalert@redhat.comhttp://secunia.com/advisories/16977
secalert@redhat.comhttp://secunia.com/advisories/17014
secalert@redhat.comhttp://secunia.com/advisories/17026
secalert@redhat.comhttp://secunia.com/advisories/17149
secalert@redhat.comhttp://secunia.com/advisories/17263
secalert@redhat.comhttp://secunia.com/advisories/17284
secalert@redhat.comhttp://securitytracker.com/id?1014954
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-838
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-866
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-868
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:169
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:170
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:174
secalert@redhat.comhttp://www.mozilla.org/security/announce/mfsa2005-58.htmlVendor Advisory
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2005_58_mozilla.html
secalert@redhat.comhttp://www.osvdb.org/19643
secalert@redhat.comhttp://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2005-785.htmlVendor Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2005-789.html
secalert@redhat.comhttp://www.securityfocus.com/bid/14916
secalert@redhat.comhttp://www.securityfocus.com/bid/15495
secalert@redhat.comhttp://www.ubuntu.com/usn/usn-200-1
secalert@redhat.comhttp://www.vupen.com/english/advisories/2005/1824
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/22373
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1480
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9323
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/16911
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/16917
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/16977
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17014
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17026
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17149
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17263
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17284
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1014954
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-838
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-866
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-868
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:169
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:170
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:174
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/mfsa2005-58.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2005_58_mozilla.html
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/19643
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-785.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-789.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/14916
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/15495
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-200-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/1824
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/22373
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1480
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9323



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9216BBE-9C9B-40F6-BB64-D20072344A38",
              "versionEndIncluding": "1.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "60B8BE80-E9C1-40AE-991C-437F10D81E28",
              "versionEndIncluding": "1.7.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to execute arbitrary code via an XBM image file that ends in a large number of spaces instead of the expected end tag."
    }
  ],
  "id": "CVE-2005-2701",
  "lastModified": "2024-11-21T00:00:11.210",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-09-23T19:03:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/16911"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/16917"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/16977"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17014"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17026"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17149"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17263"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17284"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1014954"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-838"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-866"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-868"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/19643"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/14916"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/15495"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-200-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2005/1824"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22373"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1480"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9323"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/16911"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/16917"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/16977"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17014"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17149"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17263"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17284"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1014954"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-838"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-866"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-868"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/19643"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/14916"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/15495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-200-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/1824"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22373"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1480"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9323"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2006-04-14 10:02
Modified
2024-11-21 00:09
Severity ?
Summary
Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txtBroken Link
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.ascBroken Link
secalert@redhat.comhttp://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.htmlBroken Link
secalert@redhat.comhttp://secunia.com/advisories/19631Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19649Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19696Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19714Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19721Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19729Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19746Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19759Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19794Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19811Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19852Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19862Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19863Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19902Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19941Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/21033Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/21622Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/22066Third Party Advisory
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1Broken Link
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1Broken Link
secalert@redhat.comhttp://support.avaya.com/elmodocs2/security/ASA-2006-205.htmThird Party Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1044Third Party Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1046Third Party Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1051Third Party Advisory
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-12.xmlThird Party Advisory
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-18.xmlThird Party Advisory
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:075Third Party Advisory
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:076Third Party Advisory
secalert@redhat.comhttp://www.mozilla.org/security/announce/2006/mfsa2006-23.htmlVendor Advisory
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2006_35_mozilla.htmlBroken Link, Third Party Advisory
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.htmlThird Party Advisory
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.htmlThird Party Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0328.htmlThird Party Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0329.htmlThird Party Advisory
secalert@redhat.comhttp://www.securityfocus.com/archive/1/436296/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/436338/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/446658/100/200/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/446658/100/200/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/17516Third Party Advisory, VDB Entry
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/1356Permissions Required, Third Party Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/3391Permissions Required, Third Party Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/3748Permissions Required, Third Party Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/0083Permissions Required, Third Party Advisory
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/25823Third Party Advisory, VDB Entry
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10922Third Party Advisory
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1929Third Party Advisory
secalert@redhat.comhttps://usn.ubuntu.com/271-1/Third Party Advisory
secalert@redhat.comhttps://usn.ubuntu.com/275-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txtBroken Link
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.ascBroken Link
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.htmlBroken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19631Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19649Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19696Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19714Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19721Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19729Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19746Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19759Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19794Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19811Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19852Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19862Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19863Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19902Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19941Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21033Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21622Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22066Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1Broken Link
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1Broken Link
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2006-205.htmThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1044Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1046Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1051Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-12.xmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-18.xmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:075Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:076Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2006/mfsa2006-23.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2006_35_mozilla.htmlBroken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0328.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0329.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436296/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436338/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/446658/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/446658/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/17516Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/1356Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/3391Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/3748Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0083Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/25823Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10922Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1929Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/271-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/275-1/Third Party Advisory



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F71241D-928E-43B4-82ED-5C27FEE1CDB2",
              "versionEndExcluding": "1.0.8",
              "versionStartIncluding": "1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04455349-5186-4BF4-8EE1-F4852B806F47",
              "versionEndExcluding": "1.5.0.2",
              "versionStartIncluding": "1.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7DD4CED-138F-415C-9F00-583D92BB3C3E",
              "versionEndExcluding": "1.7.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "976B9AFA-0129-480B-B226-892CECD59287",
              "versionEndExcluding": "1.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "778A6957-455B-420A-BAAF-E7F88FF4FB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "42E47538-08EE-4DC1-AC17-883C44CF77BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FA3A32E-445A-4D39-A8D5-75F5370AD23D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler."
    }
  ],
  "evaluatorSolution": "Fixed in: Firefox 1.5.0.2\r\n  Firefox 1.0.8\r\n  SeaMonkey 1.0.1\r\n  Mozilla Suite 1.7.13",
  "id": "CVE-2006-1729",
  "lastModified": "2024-11-21T00:09:36.393",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2006-04-14T10:02:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19649"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19696"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19714"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19729"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19794"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/22066"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-23.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3391"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3748"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0083"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25823"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10922"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1929"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/275-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19649"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19714"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19794"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/22066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-23.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3391"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3748"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25823"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10922"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1929"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/275-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2006-04-14 10:02
Modified
2024-11-21 00:09
Severity ?
Summary
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
secalert@redhat.comhttp://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
secalert@redhat.comhttp://secunia.com/advisories/19631Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19649Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19696
secalert@redhat.comhttp://secunia.com/advisories/19714Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19721Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19729
secalert@redhat.comhttp://secunia.com/advisories/19746Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19759Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19780
secalert@redhat.comhttp://secunia.com/advisories/19794Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19811Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19821Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19823Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19852Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19862Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19863Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19902Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19941Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19950Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/20051
secalert@redhat.comhttp://secunia.com/advisories/21033Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/21622
secalert@redhat.comhttp://secunia.com/advisories/22065
secalert@redhat.comhttp://secunia.com/advisories/22066
secalert@redhat.comhttp://securityreason.com/securityalert/720
secalert@redhat.comhttp://securitytracker.com/id?1015915Patch
secalert@redhat.comhttp://securitytracker.com/id?1015916Patch
secalert@redhat.comhttp://securitytracker.com/id?1015917Patch
secalert@redhat.comhttp://securitytracker.com/id?1015918Patch
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
secalert@redhat.comhttp://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1044
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1046
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1051
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/179014Third Party Advisory, US Government Resource
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:075
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:076
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:078
secalert@redhat.comhttp://www.mozilla.org/security/announce/2006/mfsa2006-22.htmlVendor Advisory
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2006_04_25.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0328.htmlVendor Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0329.htmlVendor Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0330.htmlVendor Advisory
secalert@redhat.comhttp://www.securityfocus.com/archive/1/431060/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/434524/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/434524/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/436296/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/436338/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/438730/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/438730/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/446657/100/200/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/446657/100/200/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/446658/100/200/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/446658/100/200/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/17516
secalert@redhat.comhttp://www.us-cert.gov/cas/techalerts/TA06-107A.htmlUS Government Resource
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/1356
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/3391
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/3748
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/3749
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/0083
secalert@redhat.comhttp://www.zerodayinitiative.com/advisories/ZDI-06-010.htmlVendor Advisory
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/25826
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10055
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1614
secalert@redhat.comhttps://usn.ubuntu.com/271-1/
secalert@redhat.comhttps://usn.ubuntu.com/275-1/
secalert@redhat.comhttps://usn.ubuntu.com/276-1/
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19631Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19649Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19696
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19714Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19721Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19729
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19746Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19759Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19780
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19794Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19811Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19821Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19823Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19852Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19862Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19863Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19902Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19941Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19950Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20051
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21033Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21622
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22065
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22066
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/720
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015915Patch
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015916Patch
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015917Patch
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015918Patch
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1044
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1046
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1051
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/179014Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:075
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:078
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2006/mfsa2006-22.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2006_04_25.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0328.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0329.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0330.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/431060/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/434524/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/434524/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436296/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436338/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/446657/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/446657/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/446658/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/446658/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/17516
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA06-107A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/1356
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/3391
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/3748
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/3749
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0083
af854a3a-2127-422b-91ae-364da2661108http://www.zerodayinitiative.com/advisories/ZDI-06-010.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/25826
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10055
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1614
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/271-1/
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/275-1/
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/276-1/



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B500EE6C-99DB-49A3-A1F1-AFFD7FE28068",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D6BF5B1-86D1-47FE-9D9C-735718F94874",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "633B1DF5-FC67-428E-B4C7-9AC232F59FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8D3E5FB-C9AF-4908-A178-71294E8ACAF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "D62F740C-706B-4290-AD92-3ECBC3D30768",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*",
              "matchCriteriaId": "CB01A97F-ACE1-4A99-8939-6DF8FE5B5E8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0D56153-E20A-46D8-859E-A51E5C03D674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C51A6F4-F88F-4BF2-BF71-5DC48559C085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*",
              "matchCriteriaId": "379F6A73-B45F-4094-8167-4E929FFB1749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "72B02389-0DCD-45BC-A09F-CB6B75940616",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "1A406214-29E5-4E13-B2E1-1CF72F1E60BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C169DA-26BC-42EE-817B-2F0685069495",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow."
    }
  ],
  "evaluatorSolution": "Fixed in: Firefox 1.5.0.2\r\n  Firefox 1.0.8\r\n  Thunderbird 1.5.0.2\r\n  Thunderbird 1.0.8\r\n  SeaMonkey 1.0.1\r\n  Mozilla Suite 1.7.13",
  "id": "CVE-2006-1730",
  "lastModified": "2024-11-21T00:09:36.610",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2006-04-14T10:02:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19649"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19696"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19714"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19729"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19780"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19794"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19821"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19823"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19950"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/20051"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/22065"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/22066"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securityreason.com/securityalert/720"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015915"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015916"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015917"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015918"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/179014"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-22.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/431060/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/3391"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/3748"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/3749"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/0083"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-010.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25826"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10055"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1614"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/275-1/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/276-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19649"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19714"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19780"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19794"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19821"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19823"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/720"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015915"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015916"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015917"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015918"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/179014"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-22.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/431060/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/3391"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/3748"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/3749"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25826"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10055"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1614"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/275-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/276-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-09-23 19:03
Modified
2024-11-21 00:00
Severity ?
Summary
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
secalert@redhat.comhttp://secunia.com/advisories/16911Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/16917Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/16977Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/17014Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/17026Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/17042Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/17090Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/17149Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/17263Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/17284Vendor Advisory
secalert@redhat.comhttp://securitytracker.com/id?1014954
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-838
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-866
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-868
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:169
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:170
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:174
secalert@redhat.comhttp://www.mozilla.org/security/announce/mfsa2005-58.html
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2005_58_mozilla.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2005-785.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2005-789.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2005-791.html
secalert@redhat.comhttp://www.securityfocus.com/bid/14923
secalert@redhat.comhttp://www.securityfocus.com/bid/15495
secalert@redhat.comhttp://www.ubuntu.com/usn/usn-200-1
secalert@redhat.comhttp://www.vupen.com/english/advisories/2005/1824
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/22376
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10767
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1089
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/16911Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/16917Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/16977Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17014Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17026Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17042Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17090Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17149Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17263Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17284Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1014954
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-838
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-866
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-868
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:169
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:170
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:174
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/mfsa2005-58.html
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2005_58_mozilla.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-785.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-789.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-791.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/14923
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/15495
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-200-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/1824
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/22376
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10767
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1089



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9216BBE-9C9B-40F6-BB64-D20072344A38",
              "versionEndIncluding": "1.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "60B8BE80-E9C1-40AE-991C-437F10D81E28",
              "versionEndIncluding": "1.7.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting."
    }
  ],
  "id": "CVE-2005-2703",
  "lastModified": "2024-11-21T00:00:11.470",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-09-23T19:03:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16911"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16917"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16977"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17014"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17026"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17042"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17090"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17149"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17263"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17284"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1014954"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-838"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-866"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-868"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-791.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/14923"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/15495"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-200-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2005/1824"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22376"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10767"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1089"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16911"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16917"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16977"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17014"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17042"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17090"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17149"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17263"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17284"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1014954"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-838"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-866"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-868"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-791.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/14923"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/15495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-200-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/1824"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22376"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10767"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1089"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-12-09 15:03
Modified
2024-11-21 00:03
Severity ?
Summary
Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue.
References
cve@mitre.orgftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
cve@mitre.orgftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
cve@mitre.orghttp://marc.info/?l=full-disclosure&m=113404911919629&w=2
cve@mitre.orghttp://marc.info/?l=full-disclosure&m=113405896025702&w=2
cve@mitre.orghttp://secunia.com/advisories/17934Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17944Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17946Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18700
cve@mitre.orghttp://secunia.com/advisories/18704
cve@mitre.orghttp://secunia.com/advisories/18705
cve@mitre.orghttp://secunia.com/advisories/18706
cve@mitre.orghttp://secunia.com/advisories/18708
cve@mitre.orghttp://secunia.com/advisories/18709
cve@mitre.orghttp://secunia.com/advisories/19230
cve@mitre.orghttp://secunia.com/advisories/19746
cve@mitre.orghttp://secunia.com/advisories/19759
cve@mitre.orghttp://secunia.com/advisories/19852
cve@mitre.orghttp://secunia.com/advisories/19862
cve@mitre.orghttp://secunia.com/advisories/19863
cve@mitre.orghttp://secunia.com/advisories/19902
cve@mitre.orghttp://secunia.com/advisories/19941
cve@mitre.orghttp://secunia.com/advisories/21033
cve@mitre.orghttp://secunia.com/advisories/21622
cve@mitre.orghttp://securitytracker.com/id?1015328
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
cve@mitre.orghttp://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
cve@mitre.orghttp://www.debian.org/security/2006/dsa-1044
cve@mitre.orghttp://www.debian.org/security/2006/dsa-1046
cve@mitre.orghttp://www.debian.org/security/2006/dsa-1051
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:036
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:037
cve@mitre.orghttp://www.mozilla.org/security/announce/mfsa2006-03.html
cve@mitre.orghttp://www.mozilla.org/security/history-title.html
cve@mitre.orghttp://www.networksecurity.fi/advisories/netscape-history.html
cve@mitre.orghttp://www.osvdb.org/21533
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2006-February/msg00005.html
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2006-February/msg00006.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2006-0199.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2006-0200.html
cve@mitre.orghttp://www.securityfocus.com/archive/1/425975/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/425978/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/438730/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/438730/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/15773
cve@mitre.orghttp://www.securityfocus.com/bid/16476
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2805
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/0413
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/3391
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11382
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1619
cve@mitre.orghttps://usn.ubuntu.com/271-1/
cve@mitre.orghttps://usn.ubuntu.com/275-1/
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=full-disclosure&m=113404911919629&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=full-disclosure&m=113405896025702&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17934Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17944Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17946Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18700
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18704
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18705
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18706
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18708
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18709
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19230
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19746
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19759
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19852
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19862
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19863
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19902
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19941
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21033
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21622
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015328
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1044
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1046
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1051
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:036
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:037
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/mfsa2006-03.html
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/history-title.html
af854a3a-2127-422b-91ae-364da2661108http://www.networksecurity.fi/advisories/netscape-history.html
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/21533
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00005.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00006.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0199.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0200.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/425975/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/425978/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/15773
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/16476
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2805
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/0413
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/3391
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11382
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1619
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/271-1/
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/275-1/



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:k-meleon_project:k-meleon:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC0A29B9-A7D3-4A5A-B21A-D701D0A10C76",
              "versionEndIncluding": "0.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:k-meleon_project:k-meleon:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "328AFACF-FDA7-4FB5-A85E-4F349453301F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:k-meleon_project:k-meleon:0.7_service_pack_1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADCDD160-5239-47C5-AE7D-6060FB6E0037",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:k-meleon_project:k-meleon:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "82A07303-9E74-4409-9853-8EC283734B64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:k-meleon_project:k-meleon:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C6CAF6A-4E33-444F-B2DF-A270428B8C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:k-meleon_project:k-meleon:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BD39C88-D4B7-4F7D-81AC-F99A143B82E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FC40790-BCBF-4609-A7DC-5659B2233B7B",
              "versionEndIncluding": "1.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9D2443-9389-42B0-BF93-3ADC1B7325EC",
              "versionEndIncluding": "1.7.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netscape:navigator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F337E57D-2918-4141-8842-A9D58DB922E5",
              "versionEndIncluding": "8.0.40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netscape:navigator:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C1BC491-9C5A-46D5-B6C3-5A8E5A1A0AF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netscape:navigator:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "842CBD30-B4BA-4FCF-9152-9DBEBE59857C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup.  NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox.  Also, it has been independently reported that Netscape 8.1 does not have this issue."
    }
  ],
  "evaluatorSolution": "This issue was fixed in K-Meleon version 0.9.12.",
  "id": "CVE-2005-4134",
  "lastModified": "2024-11-21T00:03:31.373",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-09T15:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=full-disclosure\u0026m=113404911919629\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=full-disclosure\u0026m=113405896025702\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17934"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17944"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17946"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18700"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18704"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18705"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18706"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18708"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18709"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015328"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:036"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:037"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mozilla.org/security/announce/mfsa2006-03.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mozilla.org/security/history-title.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.networksecurity.fi/advisories/netscape-history.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/21533"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00005.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00006.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0199.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0200.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/425975/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/425978/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/15773"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/16476"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2805"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/0413"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/3391"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11382"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1619"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/275-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=full-disclosure\u0026m=113404911919629\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=full-disclosure\u0026m=113405896025702\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17934"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17944"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17946"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18700"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18704"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18706"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18708"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18709"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:036"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mozilla.org/security/announce/mfsa2006-03.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mozilla.org/security/history-title.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.networksecurity.fi/advisories/netscape-history.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/21533"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0199.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0200.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/425975/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/425978/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/15773"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/16476"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2805"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0413"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/3391"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11382"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1619"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/275-1/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2006-04-14 10:02
Modified
2024-11-21 00:09
Severity ?
Summary
The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
secalert@redhat.comhttp://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
secalert@redhat.comhttp://secunia.com/advisories/19631
secalert@redhat.comhttp://secunia.com/advisories/19696
secalert@redhat.comhttp://secunia.com/advisories/19714
secalert@redhat.comhttp://secunia.com/advisories/19721
secalert@redhat.comhttp://secunia.com/advisories/19729
secalert@redhat.comhttp://secunia.com/advisories/19746
secalert@redhat.comhttp://secunia.com/advisories/19759
secalert@redhat.comhttp://secunia.com/advisories/19780
secalert@redhat.comhttp://secunia.com/advisories/19794
secalert@redhat.comhttp://secunia.com/advisories/19811
secalert@redhat.comhttp://secunia.com/advisories/19823
secalert@redhat.comhttp://secunia.com/advisories/19852
secalert@redhat.comhttp://secunia.com/advisories/19862
secalert@redhat.comhttp://secunia.com/advisories/19863
secalert@redhat.comhttp://secunia.com/advisories/19902
secalert@redhat.comhttp://secunia.com/advisories/19941
secalert@redhat.comhttp://secunia.com/advisories/19950
secalert@redhat.comhttp://secunia.com/advisories/20051
secalert@redhat.comhttp://secunia.com/advisories/21033
secalert@redhat.comhttp://secunia.com/advisories/21622
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
secalert@redhat.comhttp://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1044
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1046
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1051
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/492382US Government Resource
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:075
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:076
secalert@redhat.comhttp://www.mozilla.org/security/announce/2006/mfsa2006-10.html
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2006_04_25.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0328.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0329.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0330.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/436296/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/436338/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/438730/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/438730/100/0/threaded
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/1356
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/25807
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1087
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11808
secalert@redhat.comhttps://usn.ubuntu.com/271-1/
secalert@redhat.comhttps://usn.ubuntu.com/275-1/
secalert@redhat.comhttps://usn.ubuntu.com/276-1/
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19631
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19696
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19714
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19721
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19729
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19746
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19759
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19780
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19794
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19811
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19823
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19852
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19862
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19863
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19902
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19941
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19950
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20051
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21033
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21622
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1044
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1046
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1051
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/492382US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:075
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2006/mfsa2006-10.html
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2006_04_25.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0328.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0329.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0330.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436296/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436338/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/1356
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/25807
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1087
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11808
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/271-1/
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/275-1/
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/276-1/



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4461B287-CF95-44A0-8517-4423636CABBA",
              "versionEndIncluding": "1.0.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9D2443-9389-42B0-BF93-3ADC1B7325EC",
              "versionEndIncluding": "1.7.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "633B1DF5-FC67-428E-B4C7-9AC232F59FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:*:beta:*:*:*:*:*:*",
              "matchCriteriaId": "5832619D-0D24-45AB-90ED-74FC96CF8436",
              "versionEndIncluding": "1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "D62F740C-706B-4290-AD92-3ECBC3D30768",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A18B07F4-E46B-4BA9-BFBF-16754CD71C31",
              "versionEndIncluding": "1.0.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0D56153-E20A-46D8-859E-A51E5C03D674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C51A6F4-F88F-4BF2-BF71-5DC48559C085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*",
              "matchCriteriaId": "379F6A73-B45F-4094-8167-4E929FFB1749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "1A406214-29E5-4E13-B2E1-1CF72F1E60BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption."
    }
  ],
  "evaluatorSolution": "Fixed in: Firefox 1.5\r\n  Firefox 1.0.8\r\n  Thunderbird 1.5\r\n  Thunderbird 1.0.8\r\n  SeaMonkey 1.0\r\n  Mozilla Suite 1.7.13",
  "id": "CVE-2006-1742",
  "lastModified": "2024-11-21T00:09:38.833",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-04-14T10:02:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19696"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19714"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19729"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19780"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19794"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19823"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19950"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/20051"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/492382"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-10.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25807"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1087"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11808"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/275-1/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/276-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19714"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19780"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19794"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19823"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/492382"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-10.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25807"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1087"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11808"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/275-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/276-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-09-23 19:03
Modified
2024-11-21 00:00
Severity ?
Summary
Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote attackers to execute Javascript with chrome privileges via an about: page such as about:mozilla.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
secalert@redhat.comhttp://secunia.com/advisories/16911
secalert@redhat.comhttp://secunia.com/advisories/16917
secalert@redhat.comhttp://secunia.com/advisories/16977
secalert@redhat.comhttp://secunia.com/advisories/17014
secalert@redhat.comhttp://secunia.com/advisories/17026
secalert@redhat.comhttp://secunia.com/advisories/17042
secalert@redhat.comhttp://secunia.com/advisories/17090
secalert@redhat.comhttp://secunia.com/advisories/17149
secalert@redhat.comhttp://secunia.com/advisories/17263
secalert@redhat.comhttp://secunia.com/advisories/17284
secalert@redhat.comhttp://secunia.com/advisories/19823
secalert@redhat.comhttp://securitytracker.com/id?1014954
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-838
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-866
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-868
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:169
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:170
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:174
secalert@redhat.comhttp://www.mozilla.org/security/announce/mfsa2005-58.html
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2005_58_mozilla.html
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2006_04_25.html
secalert@redhat.comhttp://www.osvdb.org/19648
secalert@redhat.comhttp://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2005-785.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2005-789.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2005-791.html
secalert@redhat.comhttp://www.securityfocus.com/bid/14920
secalert@redhat.comhttp://www.securityfocus.com/bid/15495
secalert@redhat.comhttp://www.ubuntu.com/usn/usn-200-1
secalert@redhat.comhttp://www.vupen.com/english/advisories/2005/1824
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/22378
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11317
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1443
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/16911
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/16917
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/16977
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17014
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17026
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17042
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17090
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17149
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17263
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17284
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19823
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1014954
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-838
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-866
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-868
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:169
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:170
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:174
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/mfsa2005-58.html
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2005_58_mozilla.html
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2006_04_25.html
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/19648
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-785.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-789.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-791.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/14920
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/15495
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-200-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/1824
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/22378
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11317
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1443



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9216BBE-9C9B-40F6-BB64-D20072344A38",
              "versionEndIncluding": "1.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "60B8BE80-E9C1-40AE-991C-437F10D81E28",
              "versionEndIncluding": "1.7.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote attackers to execute Javascript with chrome privileges via an about: page such as about:mozilla."
    }
  ],
  "id": "CVE-2005-2706",
  "lastModified": "2024-11-21T00:00:11.867",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-09-23T19:03:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/16911"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/16917"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/16977"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17014"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17026"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17042"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17090"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17149"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17263"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17284"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19823"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1014954"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-838"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-866"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-868"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/19648"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-791.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/14920"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/15495"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-200-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2005/1824"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22378"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11317"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1443"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/16911"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/16917"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/16977"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17014"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17042"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17090"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17149"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17263"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17284"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19823"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1014954"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-838"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-866"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-868"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/19648"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-791.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/14920"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/15495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-200-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/1824"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22378"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11317"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1443"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2006-04-14 18:02
Modified
2024-11-21 00:09
Severity ?
Summary
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
secalert@redhat.comhttp://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
secalert@redhat.comhttp://secunia.com/advisories/19631
secalert@redhat.comhttp://secunia.com/advisories/19696
secalert@redhat.comhttp://secunia.com/advisories/19714
secalert@redhat.comhttp://secunia.com/advisories/19721
secalert@redhat.comhttp://secunia.com/advisories/19729
secalert@redhat.comhttp://secunia.com/advisories/19746
secalert@redhat.comhttp://secunia.com/advisories/19759
secalert@redhat.comhttp://secunia.com/advisories/19780
secalert@redhat.comhttp://secunia.com/advisories/19794
secalert@redhat.comhttp://secunia.com/advisories/19811
secalert@redhat.comhttp://secunia.com/advisories/19821
secalert@redhat.comhttp://secunia.com/advisories/19823
secalert@redhat.comhttp://secunia.com/advisories/19852
secalert@redhat.comhttp://secunia.com/advisories/19862
secalert@redhat.comhttp://secunia.com/advisories/19863
secalert@redhat.comhttp://secunia.com/advisories/19902
secalert@redhat.comhttp://secunia.com/advisories/19941
secalert@redhat.comhttp://secunia.com/advisories/19950
secalert@redhat.comhttp://secunia.com/advisories/20051
secalert@redhat.comhttp://secunia.com/advisories/21033
secalert@redhat.comhttp://secunia.com/advisories/21622
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
secalert@redhat.comhttp://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1044
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1046
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1051
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/329500US Government Resource
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:075
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:076
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:078
secalert@redhat.comhttp://www.mozilla.org/security/announce/2006/mfsa2006-11.htmlVendor Advisory
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2006_04_25.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0328.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0329.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0330.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/434524/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/434524/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/436296/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/436338/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/438730/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/438730/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/17516
secalert@redhat.comhttp://www.us-cert.gov/cas/techalerts/TA06-107A.htmlUS Government Resource
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/1356
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/25808
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10817
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1829
secalert@redhat.comhttps://usn.ubuntu.com/271-1/
secalert@redhat.comhttps://usn.ubuntu.com/275-1/
secalert@redhat.comhttps://usn.ubuntu.com/276-1/
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19631
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19696
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19714
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19721
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19729
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19746
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19759
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19780
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19794
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19811
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19821
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19823
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19852
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19862
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19863
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19902
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19941
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19950
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20051
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21033
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21622
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1044
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1046
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1051
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/329500US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:075
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:078
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2006/mfsa2006-11.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2006_04_25.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0328.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0329.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0330.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/434524/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/434524/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436296/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436338/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/17516
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA06-107A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/1356
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/25808
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10817
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1829
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/271-1/
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/275-1/
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/276-1/



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B500EE6C-99DB-49A3-A1F1-AFFD7FE28068",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "633B1DF5-FC67-428E-B4C7-9AC232F59FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8D3E5FB-C9AF-4908-A178-71294E8ACAF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "D62F740C-706B-4290-AD92-3ECBC3D30768",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*",
              "matchCriteriaId": "CB01A97F-ACE1-4A99-8939-6DF8FE5B5E8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0D56153-E20A-46D8-859E-A51E5C03D674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C51A6F4-F88F-4BF2-BF71-5DC48559C085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*",
              "matchCriteriaId": "379F6A73-B45F-4094-8167-4E929FFB1749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "72B02389-0DCD-45BC-A09F-CB6B75940616",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "1A406214-29E5-4E13-B2E1-1CF72F1E60BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression."
    }
  ],
  "id": "CVE-2006-1737",
  "lastModified": "2024-11-21T00:09:37.933",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-04-14T18:02:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19696"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19714"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19729"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19780"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19794"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19821"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19823"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19950"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/20051"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/329500"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-11.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25808"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10817"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1829"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/275-1/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/276-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19714"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19780"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19794"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19821"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19823"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/329500"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-11.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25808"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10817"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1829"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/275-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/276-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2006-04-14 10:02
Modified
2024-11-21 00:09
Severity ?
Summary
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute arbitrary code via the (1) valueOf.call or (2) valueOf.apply methods of an XBL binding, or (3) "by inserting an XBL method into the DOM's document.body prototype chain."
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.ascPatch
secalert@redhat.comhttp://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
secalert@redhat.comhttp://secunia.com/advisories/19631Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19696
secalert@redhat.comhttp://secunia.com/advisories/19714Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19721Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19729
secalert@redhat.comhttp://secunia.com/advisories/19746Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19759Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19780
secalert@redhat.comhttp://secunia.com/advisories/19794Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19811Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19821Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19823Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19852Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19862Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19863Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19902Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19941Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19950Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/20051
secalert@redhat.comhttp://secunia.com/advisories/21033Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/21622Vendor Advisory
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
secalert@redhat.comhttp://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1044
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1046
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1051
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/488774US Government Resource
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:075
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:076
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:078
secalert@redhat.comhttp://www.mozilla.org/security/announce/2006/mfsa2006-16.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2006_04_25.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0328.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0329.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0330.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/434524/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/434524/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/436296/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/436338/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/438730/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/438730/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/17516
secalert@redhat.comhttp://www.us-cert.gov/cas/techalerts/TA06-107A.htmlUS Government Resource
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/1356
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/25817
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10815
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2020
secalert@redhat.comhttps://usn.ubuntu.com/271-1/
secalert@redhat.comhttps://usn.ubuntu.com/275-1/
secalert@redhat.comhttps://usn.ubuntu.com/276-1/
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.ascPatch
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19631Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19696
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19714Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19721Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19729
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19746Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19759Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19780
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19794Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19811Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19821Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19823Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19852Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19862Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19863Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19902Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19941Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19950Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20051
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21033Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21622Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1044
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1046
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1051
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/488774US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:075
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:078
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2006/mfsa2006-16.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2006_04_25.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0328.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0329.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0330.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/434524/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/434524/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436296/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436338/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/17516
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA06-107A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/1356
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/25817
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10815
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2020
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/271-1/
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/275-1/
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/276-1/



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4461B287-CF95-44A0-8517-4423636CABBA",
              "versionEndIncluding": "1.0.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9D2443-9389-42B0-BF93-3ADC1B7325EC",
              "versionEndIncluding": "1.7.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "633B1DF5-FC67-428E-B4C7-9AC232F59FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:*:beta:*:*:*:*:*:*",
              "matchCriteriaId": "5832619D-0D24-45AB-90ED-74FC96CF8436",
              "versionEndIncluding": "1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "D62F740C-706B-4290-AD92-3ECBC3D30768",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A18B07F4-E46B-4BA9-BFBF-16754CD71C31",
              "versionEndIncluding": "1.0.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0D56153-E20A-46D8-859E-A51E5C03D674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C51A6F4-F88F-4BF2-BF71-5DC48559C085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*",
              "matchCriteriaId": "379F6A73-B45F-4094-8167-4E929FFB1749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "1A406214-29E5-4E13-B2E1-1CF72F1E60BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute arbitrary code via the (1) valueOf.call or (2) valueOf.apply methods of an XBL binding, or (3) \"by inserting an XBL method into the DOM\u0027s document.body prototype chain.\""
    }
  ],
  "evaluatorSolution": "This vulnerability also affects Mozilla, SeaMonkey, 1.0 and Mozilla, Suite, 1.7.13\r\n\r\nThis vulnerabiloity is addressed in the following product releases:\r\nMozilla, Firefox, 1.5\r\nMozilla, Firefox, 1.0.8\r\nMozilla, Thunderbird, 1.5\r\nMozilla, Thunderbird, 1.0.8\r\nMozilla, SeaMonkey, 1.0\r\nMozilla, Suite, 1.7.13\r\n",
  "id": "CVE-2006-1733",
  "lastModified": "2024-11-21T00:09:37.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2006-04-14T10:02:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19696"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19714"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19729"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19780"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19794"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19821"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19823"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19950"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/20051"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/488774"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-16.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25817"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10815"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2020"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/275-1/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/276-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19714"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19780"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19794"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19821"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19823"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/488774"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-16.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25817"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10815"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2020"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/275-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/276-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2006-04-14 10:02
Modified
2024-11-21 00:09
Severity ?
Summary
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
secalert@redhat.comhttp://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
secalert@redhat.comhttp://secunia.com/advisories/19631
secalert@redhat.comhttp://secunia.com/advisories/19696
secalert@redhat.comhttp://secunia.com/advisories/19714
secalert@redhat.comhttp://secunia.com/advisories/19721
secalert@redhat.comhttp://secunia.com/advisories/19729
secalert@redhat.comhttp://secunia.com/advisories/19746
secalert@redhat.comhttp://secunia.com/advisories/19759
secalert@redhat.comhttp://secunia.com/advisories/19794
secalert@redhat.comhttp://secunia.com/advisories/19811
secalert@redhat.comhttp://secunia.com/advisories/19852
secalert@redhat.comhttp://secunia.com/advisories/19862
secalert@redhat.comhttp://secunia.com/advisories/19863
secalert@redhat.comhttp://secunia.com/advisories/19902
secalert@redhat.comhttp://secunia.com/advisories/19941
secalert@redhat.comhttp://secunia.com/advisories/21033
secalert@redhat.comhttp://secunia.com/advisories/21622
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
secalert@redhat.comhttp://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1044
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1046
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1051
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:075
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:076
secalert@redhat.comhttp://www.mozilla.org/security/announce/2006/mfsa2006-12.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0328.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0329.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/436296/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/436338/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/438730/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/438730/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/17516
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/1356
secalert@redhat.comhttps://bugzilla.mozilla.org/show_bug.cgi?id=271194
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/25813
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10424
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1811
secalert@redhat.comhttps://usn.ubuntu.com/271-1/
secalert@redhat.comhttps://usn.ubuntu.com/275-1/
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19631
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19696
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19714
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19721
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19729
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19746
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19759
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19794
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19811
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19852
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19862
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19863
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19902
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19941
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21033
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21622
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1044
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1046
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1051
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:075
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2006/mfsa2006-12.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0328.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0329.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436296/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436338/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/17516
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/1356
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=271194
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/25813
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10424
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1811
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/271-1/
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/275-1/



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4461B287-CF95-44A0-8517-4423636CABBA",
              "versionEndIncluding": "1.0.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9D2443-9389-42B0-BF93-3ADC1B7325EC",
              "versionEndIncluding": "1.7.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "633B1DF5-FC67-428E-B4C7-9AC232F59FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:*:beta:*:*:*:*:*:*",
              "matchCriteriaId": "5832619D-0D24-45AB-90ED-74FC96CF8436",
              "versionEndIncluding": "1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "D62F740C-706B-4290-AD92-3ECBC3D30768",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A18B07F4-E46B-4BA9-BFBF-16754CD71C31",
              "versionEndIncluding": "1.0.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0D56153-E20A-46D8-859E-A51E5C03D674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C51A6F4-F88F-4BF2-BF71-5DC48559C085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*",
              "matchCriteriaId": "379F6A73-B45F-4094-8167-4E929FFB1749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "1A406214-29E5-4E13-B2E1-1CF72F1E60BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site."
    }
  ],
  "evaluatorSolution": "Fixed in: Firefox 1.5\r\n  Firefox 1.0.8\r\n  SeaMonkey 1.0\r\n  Mozilla Suite 1.7.13",
  "id": "CVE-2006-1740",
  "lastModified": "2024-11-21T00:09:38.480",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-04-14T10:02:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19696"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19714"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19729"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19794"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-12.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=271194"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25813"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10424"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1811"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/275-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19714"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19794"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-12.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=271194"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25813"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10424"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1811"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/275-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2006-04-14 10:02
Modified
2024-11-21 00:09
Severity ?
Summary
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to the use of XBL scripts with "Print Preview".
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txtBroken Link
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.ascBroken Link
secalert@redhat.comhttp://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.htmlBroken Link
secalert@redhat.comhttp://secunia.com/advisories/19631Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19649Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19696Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19714Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19721Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19729Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19746Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19759Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19780Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19811Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19821Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19823Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19852Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19862Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19863Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19902Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19941Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/19950Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/20051Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/21033Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/21622Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/22065Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/22066Third Party Advisory
secalert@redhat.comhttp://securitytracker.com/id?1015926Third Party Advisory, VDB Entry
secalert@redhat.comhttp://securitytracker.com/id?1015927Third Party Advisory, VDB Entry
secalert@redhat.comhttp://securitytracker.com/id?1015928Third Party Advisory, VDB Entry
secalert@redhat.comhttp://securitytracker.com/id?1015929Third Party Advisory, VDB Entry
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1Broken Link
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1Broken Link
secalert@redhat.comhttp://support.avaya.com/elmodocs2/security/ASA-2006-205.htmThird Party Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1044Third Party Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1046Third Party Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1051Third Party Advisory
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-12.xmlThird Party Advisory
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-18.xmlThird Party Advisory
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200605-09.xmlThird Party Advisory
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:076Third Party Advisory
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:078Third Party Advisory
secalert@redhat.comhttp://www.mozilla.org/security/announce/2006/mfsa2006-25.htmlVendor Advisory
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2006_04_25.htmlBroken Link
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.htmlThird Party Advisory
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.htmlThird Party Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0328.htmlThird Party Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0329.htmlThird Party Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0330.htmlThird Party Advisory
secalert@redhat.comhttp://www.securityfocus.com/archive/1/436296/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/436338/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/438730/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/438730/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/446657/100/200/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/446657/100/200/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/446658/100/200/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/446658/100/200/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/17516Third Party Advisory, VDB Entry
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/1356Permissions Required, Third Party Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/3391Permissions Required, Third Party Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/3748Permissions Required, Third Party Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/3749Permissions Required, Third Party Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/0083Permissions Required, Third Party Advisory
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/25824Third Party Advisory, VDB Entry
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10364Third Party Advisory
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1649Third Party Advisory
secalert@redhat.comhttps://usn.ubuntu.com/271-1/Third Party Advisory
secalert@redhat.comhttps://usn.ubuntu.com/275-1/Third Party Advisory
secalert@redhat.comhttps://usn.ubuntu.com/276-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txtBroken Link
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.ascBroken Link
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.htmlBroken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19631Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19649Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19696Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19714Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19721Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19729Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19746Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19759Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19780Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19811Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19821Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19823Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19852Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19862Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19863Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19902Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19941Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19950Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20051Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21033Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21622Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22065Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22066Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015926Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015927Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015928Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015929Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1Broken Link
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1Broken Link
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2006-205.htmThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1044Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1046Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1051Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-12.xmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-18.xmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200605-09.xmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:076Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:078Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2006/mfsa2006-25.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2006_04_25.htmlBroken Link
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0328.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0329.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0330.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436296/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436338/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/446657/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/446657/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/446658/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/446658/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/17516Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/1356Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/3391Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/3748Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/3749Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0083Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/25824Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10364Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1649Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/271-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/275-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/276-1/Third Party Advisory



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F71241D-928E-43B4-82ED-5C27FEE1CDB2",
              "versionEndExcluding": "1.0.8",
              "versionStartIncluding": "1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04455349-5186-4BF4-8EE1-F4852B806F47",
              "versionEndExcluding": "1.5.0.2",
              "versionStartIncluding": "1.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7DD4CED-138F-415C-9F00-583D92BB3C3E",
              "versionEndExcluding": "1.7.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "976B9AFA-0129-480B-B226-892CECD59287",
              "versionEndExcluding": "1.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A088F32-0EA7-465D-A648-9802F9B6164C",
              "versionEndExcluding": "1.0.8",
              "versionStartIncluding": "1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "430C1B3A-9CE4-485A-B8DA-F7230E58F137",
              "versionEndExcluding": "1.5.0.2",
              "versionStartIncluding": "1.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "778A6957-455B-420A-BAAF-E7F88FF4FB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "42E47538-08EE-4DC1-AC17-883C44CF77BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FA3A32E-445A-4D39-A8D5-75F5370AD23D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to the use of XBL scripts with \"Print Preview\"."
    }
  ],
  "evaluatorSolution": "Fixed in: Firefox 1.5.0.2\r\n  Firefox 1.0.8\r\n  Thunderbird 1.5.0.2\r\n  Thunderbird 1.0.8\r\n  SeaMonkey 1.0.1\r\n  Mozilla Suite 1.7.13",
  "id": "CVE-2006-1727",
  "lastModified": "2024-11-21T00:09:35.930",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.6,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-04-14T10:02:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19649"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19696"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19714"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19729"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19780"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19821"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19823"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19950"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/20051"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/22065"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/22066"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1015926"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1015927"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1015928"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1015929"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-25.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3391"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3748"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3749"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0083"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25824"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10364"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1649"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/275-1/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/276-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19649"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19714"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19780"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19821"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19823"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/20051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/22065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/22066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1015926"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1015927"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1015928"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1015929"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-25.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3391"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3748"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3749"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25824"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10364"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1649"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/275-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/276-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2006-04-14 10:02
Modified
2024-11-21 00:09
Severity ?
Summary
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to trick users into downloading and saving an executable file via an image that is overlaid by a transparent image link that points to the executable, which causes the executable to be saved when the user clicks the "Save image as..." option. NOTE: this attack is made easier due to a GUI truncation issue that prevents the user from seeing the malicious extension when there is extra whitespace in the filename.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
secalert@redhat.comhttp://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
secalert@redhat.comhttp://secunia.com/advisories/19631
secalert@redhat.comhttp://secunia.com/advisories/19721
secalert@redhat.comhttp://secunia.com/advisories/19746
secalert@redhat.comhttp://secunia.com/advisories/19759
secalert@redhat.comhttp://secunia.com/advisories/19794
secalert@redhat.comhttp://secunia.com/advisories/19852
secalert@redhat.comhttp://secunia.com/advisories/19862
secalert@redhat.comhttp://secunia.com/advisories/19863
secalert@redhat.comhttp://secunia.com/advisories/19902
secalert@redhat.comhttp://secunia.com/advisories/19941
secalert@redhat.comhttp://secunia.com/advisories/21033
secalert@redhat.comhttp://secunia.com/advisories/21622
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
secalert@redhat.comhttp://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1044
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1046
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1051
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:075
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:076
secalert@redhat.comhttp://www.mozilla.org/security/announce/2006/mfsa2006-13.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/438730/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/438730/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/17516
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/1356
secalert@redhat.comhttps://bugzilla.mozilla.org/show_bug.cgi?id=293527
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/25814
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1548
secalert@redhat.comhttps://usn.ubuntu.com/271-1/
secalert@redhat.comhttps://usn.ubuntu.com/275-1/
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19631
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19721
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19746
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19759
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19794
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19852
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19862
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19863
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19902
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19941
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21033
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21622
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1044
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1046
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1051
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:075
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2006/mfsa2006-13.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/17516
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/1356
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=293527
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/25814
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1548
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/271-1/
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/275-1/



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4461B287-CF95-44A0-8517-4423636CABBA",
              "versionEndIncluding": "1.0.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9D2443-9389-42B0-BF93-3ADC1B7325EC",
              "versionEndIncluding": "1.7.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "633B1DF5-FC67-428E-B4C7-9AC232F59FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:*:beta:*:*:*:*:*:*",
              "matchCriteriaId": "5832619D-0D24-45AB-90ED-74FC96CF8436",
              "versionEndIncluding": "1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "D62F740C-706B-4290-AD92-3ECBC3D30768",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A18B07F4-E46B-4BA9-BFBF-16754CD71C31",
              "versionEndIncluding": "1.0.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0D56153-E20A-46D8-859E-A51E5C03D674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C51A6F4-F88F-4BF2-BF71-5DC48559C085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*",
              "matchCriteriaId": "379F6A73-B45F-4094-8167-4E929FFB1749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "1A406214-29E5-4E13-B2E1-1CF72F1E60BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to trick users into downloading and saving an executable file via an image that is overlaid by a transparent image link that points to the executable, which causes the executable to be saved when the user clicks the \"Save image as...\" option.  NOTE: this attack is made easier due to a GUI truncation issue that prevents the user from seeing the malicious extension when there is extra whitespace in the filename."
    }
  ],
  "evaluatorSolution": "Fixed in: Firefox 1.5\r\n  Firefox 1.0.8\r\n  SeaMonkey 1.0\r\n  Mozilla Suite 1.7.13",
  "id": "CVE-2006-1736",
  "lastModified": "2024-11-21T00:09:37.787",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2006-04-14T10:02:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19794"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-13.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=293527"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25814"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1548"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/275-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19794"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19862"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-13.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=293527"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25814"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1548"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/271-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/275-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2006-04-14 18:02
Modified
2024-11-21 00:09
Severity ?
Summary
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) by changing the (1) -moz-grid and (2) -moz-grid-group display styles.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
secalert@redhat.comhttp://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
secalert@redhat.comhttp://secunia.com/advisories/19631
secalert@redhat.comhttp://secunia.com/advisories/19696
secalert@redhat.comhttp://secunia.com/advisories/19714
secalert@redhat.comhttp://secunia.com/advisories/19721
secalert@redhat.comhttp://secunia.com/advisories/19729
secalert@redhat.comhttp://secunia.com/advisories/19746
secalert@redhat.comhttp://secunia.com/advisories/19759
secalert@redhat.comhttp://secunia.com/advisories/19780
secalert@redhat.comhttp://secunia.com/advisories/19794
secalert@redhat.comhttp://secunia.com/advisories/19811
secalert@redhat.comhttp://secunia.com/advisories/19821
secalert@redhat.comhttp://secunia.com/advisories/19852
secalert@redhat.comhttp://secunia.com/advisories/19862
secalert@redhat.comhttp://secunia.com/advisories/19863
secalert@redhat.comhttp://secunia.com/advisories/19902
secalert@redhat.comhttp://secunia.com/advisories/19941
secalert@redhat.comhttp://secunia.com/advisories/19950
secalert@redhat.comhttp://secunia.com/advisories/20051
secalert@redhat.comhttp://secunia.com/advisories/21033
secalert@redhat.comhttp://secunia.com/advisories/21622
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
secalert@redhat.comhttp://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1044
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1046
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1051
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/252324US Government Resource
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:075
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:076
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:078
secalert@redhat.comhttp://www.mozilla.org/security/announce/2006/mfsa2006-11.htmlVendor Advisory
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0328.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0329.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0330.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/434524/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/434524/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/436296/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/436338/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/438730/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/438730/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/17516
secalert@redhat.comhttp://www.us-cert.gov/cas/techalerts/TA06-107A.htmlUS Government Resource
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/1356
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/25811
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1687
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9405
secalert@redhat.comhttps://usn.ubuntu.com/271-1/
secalert@redhat.comhttps://usn.ubuntu.com/275-1/
secalert@redhat.comhttps://usn.ubuntu.com/276-1/
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19631
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19696
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19714
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19721
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19729
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19746
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19759
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19780
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19794
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19811
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19821
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19852
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19862
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19863
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19902
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19941
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19950
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20051
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21033
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21622
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1044
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1046
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1051
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/252324US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:075
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:078
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2006/mfsa2006-11.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0328.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0329.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0330.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/434524/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/434524/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436296/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436338/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/17516
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA06-107A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/1356
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/25811
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1687
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9405
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/271-1/
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/275-1/
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/276-1/



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B500EE6C-99DB-49A3-A1F1-AFFD7FE28068",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B220F04-0B11-4171-8E1E-1F01668661C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4751BA65-0CEF-46B8-A15F-A86F411890B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "95047540-D109-494F-930A-D6593EDE00C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0846804-2FA2-4D78-B3DD-67E5363B13C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "633B1DF5-FC67-428E-B4C7-9AC232F59FDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:mozilla_suite:1.7.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8D3E5FB-C9AF-4908-A178-71294E8ACAF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "D62F740C-706B-4290-AD92-3ECBC3D30768",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*",
              "matchCriteriaId": "CB01A97F-ACE1-4A99-8939-6DF8FE5B5E8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0D56153-E20A-46D8-859E-A51E5C03D674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C51A6F4-F88F-4BF2-BF71-5DC48559C085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*",
              "matchCriteriaId": "379F6A73-B45F-4094-8167-4E929FFB1749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "72B02389-0DCD-45BC-A09F-CB6B75940616",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*",