Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2006-1737
Vulnerability from cvelistv5
Published
2006-04-14 18:00
Modified
2024-08-07 17:19
Severity ?
EPSS score ?
Summary
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T17:19:49.504Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "USN-275-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/275-1/" }, { "name": "mozilla-javascript-regexpr-memory-corruption(25808)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25808" }, { "name": "RHSA-2006:0330", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" }, { "name": "SSRT061145", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "name": "19902", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19902" }, { "name": "20060404-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "name": "USN-276-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/276-1/" }, { "name": "HPSBUX02122", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "name": "19941", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19941" }, { "name": "19780", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19780" }, { "name": "RHSA-2006:0328", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "name": "19821", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19821" }, { "name": "GLSA-200604-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "name": "21622", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21622" }, { "name": "19862", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19862" }, { "name": "MDKSA-2006:075", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "name": "19823", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19823" }, { "name": "DSA-1051", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1051" }, { "name": "FEDORA-2006-410", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "name": "USN-271-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/271-1/" }, { "name": "19714", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19714" }, { "name": "RHSA-2006:0329", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-11.html" }, { "name": "GLSA-200604-18", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "name": "19811", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19811" }, { "name": "HPSBTU02118", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "name": "19794", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19794" }, { "name": "19746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19746" }, { "name": "21033", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21033" }, { "name": "102550", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "name": "19696", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19696" }, { "name": "19759", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19759" }, { "name": "SUSE-SA:2006:021", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "name": "FLSA:189137-2", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "name": "ADV-2006-1356", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "name": "SSRT061158", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "name": "oval:org.mitre.oval:def:10817", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10817" }, { "name": "MDKSA-2006:078", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078" }, { "name": "19729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19729" }, { "name": "20051", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20051" }, { "name": "19863", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19863" }, { "name": "SCOSA-2006.26", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "name": "TA06-107A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html" }, { "name": "FLSA:189137-1", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "name": "17516", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/17516" }, { "name": "VU#329500", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/329500" }, { "name": "228526", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "name": "FEDORA-2006-411", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "name": "19852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19852" }, { "name": "19721", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19721" }, { "name": "SUSE-SA:2006:022", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" }, { "name": "GLSA-200605-09", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" }, { "name": "19631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19631" }, { "name": "oval:org.mitre.oval:def:1829", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1829" }, { "name": "19950", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19950" }, { "name": "MDKSA-2006:076", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "name": "DSA-1046", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1046" }, { "name": "DSA-1044", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1044" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-04-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-18T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "USN-275-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/275-1/" }, { "name": "mozilla-javascript-regexpr-memory-corruption(25808)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25808" }, { "name": "RHSA-2006:0330", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" }, { "name": "SSRT061145", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "name": "19902", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19902" }, { "name": "20060404-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "name": "USN-276-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/276-1/" }, { "name": "HPSBUX02122", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "name": "19941", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19941" }, { "name": "19780", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19780" }, { "name": "RHSA-2006:0328", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "name": "19821", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19821" }, { "name": "GLSA-200604-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "name": "21622", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21622" }, { "name": "19862", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19862" }, { "name": "MDKSA-2006:075", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "name": "19823", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19823" }, { "name": "DSA-1051", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1051" }, { "name": "FEDORA-2006-410", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "name": "USN-271-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/271-1/" }, { "name": "19714", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19714" }, { "name": "RHSA-2006:0329", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-11.html" }, { "name": "GLSA-200604-18", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "name": "19811", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19811" }, { "name": "HPSBTU02118", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "name": "19794", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19794" }, { "name": "19746", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19746" }, { "name": "21033", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21033" }, { "name": "102550", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "name": "19696", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19696" }, { "name": "19759", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19759" }, { "name": "SUSE-SA:2006:021", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "name": "FLSA:189137-2", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "name": "ADV-2006-1356", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "name": "SSRT061158", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "name": "oval:org.mitre.oval:def:10817", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10817" }, { "name": "MDKSA-2006:078", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078" }, { "name": "19729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19729" }, { "name": "20051", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20051" }, { "name": "19863", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19863" }, { "name": "SCOSA-2006.26", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "name": "TA06-107A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html" }, { "name": "FLSA:189137-1", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "name": "17516", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/17516" }, { "name": "VU#329500", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/329500" }, { "name": "228526", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "name": "FEDORA-2006-411", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "name": "19852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19852" }, { "name": "19721", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19721" }, { "name": "SUSE-SA:2006:022", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" }, { "name": "GLSA-200605-09", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" }, { "name": "19631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19631" }, { "name": "oval:org.mitre.oval:def:1829", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1829" }, { "name": "19950", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19950" }, { "name": "MDKSA-2006:076", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "name": "DSA-1046", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1046" }, { "name": "DSA-1044", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1044" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-1737", "datePublished": "2006-04-14T18:00:00", "dateReserved": "2006-04-12T00:00:00", "dateUpdated": "2024-08-07T17:19:49.504Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2006-1737\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2006-04-14T18:02:00.000\",\"lastModified\":\"2024-11-21T00:09:37.933\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-189\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A545A77-2198-4685-A87F-E0F2DAECECF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"778FAE0C-A5CF-4B67-93A9-1A803E3E699F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7447185-7509-449D-8907-F30A42CF7EB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EDBAC37-9D08-44D1-B279-BC6ACF126CAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FFF89FA-2020-43CC-BACD-D66117B3DD26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"834BB391-5EB5-43A8-980A-D305EDAE6FA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A38AD88-BAA6-4FBE-885B-69E951BD1EFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B500EE6C-99DB-49A3-A1F1-AFFD7FE28068\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABB88E86-6E83-4A59-9266-8B98AA91774D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"66BE50FE-EA21-4633-A181-CD35196DF06E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B220F04-0B11-4171-8E1E-1F01668661C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4751BA65-0CEF-46B8-A15F-A86F411890B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95047540-D109-494F-930A-D6593EDE00C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0846804-2FA2-4D78-B3DD-67E5363B13C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"633B1DF5-FC67-428E-B4C7-9AC232F59FDC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:mozilla_suite:1.7.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8D3E5FB-C9AF-4908-A178-71294E8ACAF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*\",\"matchCriteriaId\":\"D62F740C-706B-4290-AD92-3ECBC3D30768\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB01A97F-ACE1-4A99-8939-6DF8FE5B5E8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"055D1044-9FC5-45AA-8407-649E96C5AFE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C1C87A5-C14D-4A23-B865-3BB1FCDC8470\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0D56153-E20A-46D8-859E-A51E5C03D674\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C51A6F4-F88F-4BF2-BF71-5DC48559C085\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFC390CB-774C-47BE-95C3-059943A9E645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"379F6A73-B45F-4094-8167-4E929FFB1749\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B71DE7AC-553B-4524-8B33-5605518449EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72B02389-0DCD-45BC-A09F-CB6B75940616\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FB87608-0DF8-4729-95C5-CFA386AB3AC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A406214-29E5-4E13-B2E1-1CF72F1E60BC\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt\",\"source\":\"secalert@redhat.com\"},{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19631\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19696\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19714\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19721\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19729\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19746\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19759\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19780\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19794\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19811\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19821\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19823\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19852\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19862\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19863\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19902\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19941\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19950\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/20051\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/21033\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/21622\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2006/dsa-1044\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2006/dsa-1046\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2006/dsa-1051\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.kb.cert.org/vuls/id/329500\",\"source\":\"secalert@redhat.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:075\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:076\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:078\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mozilla.org/security/announce/2006/mfsa2006-11.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_04_25.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2006-0328.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2006-0329.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2006-0330.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/434524/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/434524/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/436296/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/436338/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/438730/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/438730/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/17516\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA06-107A.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/1356\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/25808\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10817\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1829\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://usn.ubuntu.com/271-1/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://usn.ubuntu.com/275-1/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://usn.ubuntu.com/276-1/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19631\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19696\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19714\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19721\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19729\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19746\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19759\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19780\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19794\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19811\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19821\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19823\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19852\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19862\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19863\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19902\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19941\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19950\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/20051\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/21033\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/21622\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2006/dsa-1044\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2006/dsa-1046\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2006/dsa-1051\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/329500\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:075\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:076\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:078\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mozilla.org/security/announce/2006/mfsa2006-11.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_04_25.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2006-0328.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2006-0329.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2006-0330.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/434524/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/434524/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/436296/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/436338/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/438730/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/438730/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/17516\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA06-107A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/1356\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/25808\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10817\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1829\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/271-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/275-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/276-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}" } }
rhsa-2006_0328
Vulnerability from csaf_redhat
Published
2006-04-14 15:54
Modified
2024-11-22 00:14
Summary
Red Hat Security Advisory: firefox security update
Notes
Topic
Updated firefox packages that fix several security bugs are now available.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
[Updated 24 Apr 2006]
The erratum text has been updated to include CVE-2006-0748, an issue fixed
by these erratum packages but which was not public at the time of release.
No changes have been made to the packages.
Details
Mozilla Firefox is an open source Web browser.
Several bugs were found in the way Firefox processes malformed javascript.
A malicious web page could modify the content of a different open web page,
possibly stealing sensitive information or conducting a cross-site
scripting attack. (CVE-2006-1731, CVE-2006-1732, CVE-2006-1741)
Several bugs were found in the way Firefox processes certain javascript
actions. A malicious web page could execute arbitrary javascript
instructions with the permissions of "chrome", allowing the page to steal
sensitive information or install browser malware. (CVE-2006-1727,
CVE-2006-1728, CVE-2006-1733, CVE-2006-1734, CVE-2006-1735, CVE-2006-1742)
Several bugs were found in the way Firefox processes malformed web pages.
A carefully crafted malicious web page could cause the execution of
arbitrary code as the user running Firefox. (CVE-2006-0748, CVE-2006-0749,
CVE-2006-1724, CVE-2006-1730, CVE-2006-1737, CVE-2006-1738, CVE-2006-1739,
CVE-2006-1790)
A bug was found in the way Firefox displays the secure site icon. If a
browser is configured to display the non-default secure site modal warning
dialog, it may be possible to trick a user into believing they are viewing
a secure site. (CVE-2006-1740)
A bug was found in the way Firefox allows javascript mutation events on
"input" form elements. A malicious web page could be created in such a way
that when a user submits a form, an arbitrary file could be uploaded to the
attacker. (CVE-2006-1729)
Users of Firefox are advised to upgrade to these updated packages
containing Firefox version 1.0.8 which corrects these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated firefox packages that fix several security bugs are now available.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.\n\n[Updated 24 Apr 2006]\nThe erratum text has been updated to include CVE-2006-0748, an issue fixed\nby these erratum packages but which was not public at the time of release.\nNo changes have been made to the packages.", "title": "Topic" }, { "category": "general", "text": "Mozilla Firefox is an open source Web browser.\n\nSeveral bugs were found in the way Firefox processes malformed javascript.\nA malicious web page could modify the content of a different open web page,\npossibly stealing sensitive information or conducting a cross-site\nscripting attack. (CVE-2006-1731, CVE-2006-1732, CVE-2006-1741)\n\nSeveral bugs were found in the way Firefox processes certain javascript\nactions. A malicious web page could execute arbitrary javascript\ninstructions with the permissions of \"chrome\", allowing the page to steal\nsensitive information or install browser malware. (CVE-2006-1727,\nCVE-2006-1728, CVE-2006-1733, CVE-2006-1734, CVE-2006-1735, CVE-2006-1742)\n\nSeveral bugs were found in the way Firefox processes malformed web pages.\nA carefully crafted malicious web page could cause the execution of\narbitrary code as the user running Firefox. (CVE-2006-0748, CVE-2006-0749,\nCVE-2006-1724, CVE-2006-1730, CVE-2006-1737, CVE-2006-1738, CVE-2006-1739,\nCVE-2006-1790) \n\nA bug was found in the way Firefox displays the secure site icon. If a\nbrowser is configured to display the non-default secure site modal warning\ndialog, it may be possible to trick a user into believing they are viewing\na secure site. (CVE-2006-1740)\n\nA bug was found in the way Firefox allows javascript mutation events on\n\"input\" form elements. A malicious web page could be created in such a way\nthat when a user submits a form, an arbitrary file could be uploaded to the\nattacker. (CVE-2006-1729)\n\nUsers of Firefox are advised to upgrade to these updated packages\ncontaining Firefox version 1.0.8 which corrects these issues.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2006:0328", "url": "https://access.redhat.com/errata/RHSA-2006:0328" }, { "category": "external", "summary": "http://www.mozilla.com/firefox/releases/1.0.8.html", "url": "http://www.mozilla.com/firefox/releases/1.0.8.html" }, { "category": "external", "summary": "http://www.redhat.com/security/updates/classification/#critical", "url": "http://www.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "183537", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=183537" }, { "category": "external", "summary": "188814", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188814" }, { "category": "external", "summary": "188816", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188816" }, { "category": "external", "summary": "188818", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188818" }, { "category": "external", "summary": "188820", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188820" }, { "category": "external", "summary": "188822", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188822" }, { "category": "external", "summary": "188824", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188824" }, { "category": "external", "summary": "188826", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188826" }, { "category": "external", "summary": "188828", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188828" }, { "category": "external", "summary": "188830", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188830" }, { "category": "external", "summary": "188832", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188832" }, { "category": "external", "summary": "188834", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188834" }, { "category": "external", "summary": "188836", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188836" }, { "category": "external", "summary": "188838", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188838" }, { "category": "external", "summary": "188840", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188840" }, { "category": "external", "summary": "188842", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188842" }, { "category": "external", "summary": "188844", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188844" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0328.json" } ], "title": "Red Hat Security Advisory: firefox security update", "tracking": { "current_release_date": "2024-11-22T00:14:21+00:00", "generator": { "date": "2024-11-22T00:14:21+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2006:0328", "initial_release_date": "2006-04-14T15:54:00+00:00", "revision_history": [ { "date": "2006-04-14T15:54:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2006-04-14T00:00:00+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T00:14:21+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AS version 4", "product": { "name": "Red Hat Enterprise Linux AS version 4", "product_id": "4AS", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::as" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop version 4", "product": { "name": "Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::desktop" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ES version 4", "product": { "name": "Red Hat Enterprise Linux ES version 4", "product_id": "4ES", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::es" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux WS version 4", "product": { "name": "Red Hat Enterprise Linux WS version 4", "product_id": "4WS", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::ws" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "firefox-0:1.0.8-1.4.1.ia64", "product": { "name": "firefox-0:1.0.8-1.4.1.ia64", "product_id": "firefox-0:1.0.8-1.4.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@1.0.8-1.4.1?arch=ia64" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:1.0.8-1.4.1.ia64", "product": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.ia64", "product_id": "firefox-debuginfo-0:1.0.8-1.4.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@1.0.8-1.4.1?arch=ia64" } } } ], "category": "architecture", "name": "ia64" }, { "branches": [ { "category": "product_version", "name": "firefox-0:1.0.8-1.4.1.src", "product": { "name": "firefox-0:1.0.8-1.4.1.src", "product_id": "firefox-0:1.0.8-1.4.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@1.0.8-1.4.1?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "firefox-0:1.0.8-1.4.1.x86_64", "product": { "name": "firefox-0:1.0.8-1.4.1.x86_64", "product_id": "firefox-0:1.0.8-1.4.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@1.0.8-1.4.1?arch=x86_64" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "product": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "product_id": "firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@1.0.8-1.4.1?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "firefox-0:1.0.8-1.4.1.i386", "product": { "name": "firefox-0:1.0.8-1.4.1.i386", "product_id": "firefox-0:1.0.8-1.4.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@1.0.8-1.4.1?arch=i386" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:1.0.8-1.4.1.i386", "product": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.i386", "product_id": "firefox-debuginfo-0:1.0.8-1.4.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@1.0.8-1.4.1?arch=i386" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "firefox-0:1.0.8-1.4.1.ppc", "product": { "name": "firefox-0:1.0.8-1.4.1.ppc", "product_id": "firefox-0:1.0.8-1.4.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@1.0.8-1.4.1?arch=ppc" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:1.0.8-1.4.1.ppc", "product": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.ppc", "product_id": "firefox-debuginfo-0:1.0.8-1.4.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@1.0.8-1.4.1?arch=ppc" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "firefox-0:1.0.8-1.4.1.s390x", "product": { "name": "firefox-0:1.0.8-1.4.1.s390x", "product_id": "firefox-0:1.0.8-1.4.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@1.0.8-1.4.1?arch=s390x" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:1.0.8-1.4.1.s390x", "product": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.s390x", "product_id": "firefox-debuginfo-0:1.0.8-1.4.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@1.0.8-1.4.1?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "firefox-0:1.0.8-1.4.1.s390", "product": { "name": "firefox-0:1.0.8-1.4.1.s390", "product_id": "firefox-0:1.0.8-1.4.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@1.0.8-1.4.1?arch=s390" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:1.0.8-1.4.1.s390", "product": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.s390", "product_id": "firefox-debuginfo-0:1.0.8-1.4.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@1.0.8-1.4.1?arch=s390" } } } ], "category": "architecture", "name": "s390" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.i386 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:firefox-0:1.0.8-1.4.1.i386" }, "product_reference": "firefox-0:1.0.8-1.4.1.i386", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.ia64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:firefox-0:1.0.8-1.4.1.ia64" }, "product_reference": "firefox-0:1.0.8-1.4.1.ia64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.ppc as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:firefox-0:1.0.8-1.4.1.ppc" }, "product_reference": "firefox-0:1.0.8-1.4.1.ppc", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.s390 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:firefox-0:1.0.8-1.4.1.s390" }, "product_reference": "firefox-0:1.0.8-1.4.1.s390", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.s390x as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:firefox-0:1.0.8-1.4.1.s390x" }, "product_reference": "firefox-0:1.0.8-1.4.1.s390x", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.src as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:firefox-0:1.0.8-1.4.1.src" }, "product_reference": "firefox-0:1.0.8-1.4.1.src", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:firefox-0:1.0.8-1.4.1.x86_64" }, "product_reference": "firefox-0:1.0.8-1.4.1.x86_64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.i386 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.i386", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.ia64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.ia64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.ppc as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.ppc", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.s390 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.s390", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.s390x as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.s390x", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:firefox-0:1.0.8-1.4.1.i386" }, "product_reference": "firefox-0:1.0.8-1.4.1.i386", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:firefox-0:1.0.8-1.4.1.ia64" }, "product_reference": "firefox-0:1.0.8-1.4.1.ia64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:firefox-0:1.0.8-1.4.1.ppc" }, "product_reference": "firefox-0:1.0.8-1.4.1.ppc", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:firefox-0:1.0.8-1.4.1.s390" }, "product_reference": "firefox-0:1.0.8-1.4.1.s390", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:firefox-0:1.0.8-1.4.1.s390x" }, "product_reference": "firefox-0:1.0.8-1.4.1.s390x", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.src as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:firefox-0:1.0.8-1.4.1.src" }, "product_reference": "firefox-0:1.0.8-1.4.1.src", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:firefox-0:1.0.8-1.4.1.x86_64" }, "product_reference": "firefox-0:1.0.8-1.4.1.x86_64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.i386", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.ia64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.ppc", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.s390", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.s390x", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.i386 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:firefox-0:1.0.8-1.4.1.i386" }, "product_reference": "firefox-0:1.0.8-1.4.1.i386", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.ia64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:firefox-0:1.0.8-1.4.1.ia64" }, "product_reference": "firefox-0:1.0.8-1.4.1.ia64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.ppc as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:firefox-0:1.0.8-1.4.1.ppc" }, "product_reference": "firefox-0:1.0.8-1.4.1.ppc", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.s390 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:firefox-0:1.0.8-1.4.1.s390" }, "product_reference": "firefox-0:1.0.8-1.4.1.s390", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.s390x as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:firefox-0:1.0.8-1.4.1.s390x" }, "product_reference": "firefox-0:1.0.8-1.4.1.s390x", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.src as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:firefox-0:1.0.8-1.4.1.src" }, "product_reference": "firefox-0:1.0.8-1.4.1.src", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:firefox-0:1.0.8-1.4.1.x86_64" }, "product_reference": "firefox-0:1.0.8-1.4.1.x86_64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.i386 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.i386", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.ia64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.ia64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.ppc as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.ppc", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.s390 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.s390", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.s390x as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.s390x", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.i386 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:firefox-0:1.0.8-1.4.1.i386" }, "product_reference": "firefox-0:1.0.8-1.4.1.i386", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.ia64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:firefox-0:1.0.8-1.4.1.ia64" }, "product_reference": "firefox-0:1.0.8-1.4.1.ia64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.ppc as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:firefox-0:1.0.8-1.4.1.ppc" }, "product_reference": "firefox-0:1.0.8-1.4.1.ppc", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.s390 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:firefox-0:1.0.8-1.4.1.s390" }, "product_reference": "firefox-0:1.0.8-1.4.1.s390", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.s390x as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:firefox-0:1.0.8-1.4.1.s390x" }, "product_reference": "firefox-0:1.0.8-1.4.1.s390x", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.src as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:firefox-0:1.0.8-1.4.1.src" }, "product_reference": "firefox-0:1.0.8-1.4.1.src", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:1.0.8-1.4.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:firefox-0:1.0.8-1.4.1.x86_64" }, "product_reference": "firefox-0:1.0.8-1.4.1.x86_64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.i386 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.i386", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.ia64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.ia64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.ppc as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.ppc", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.s390 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.s390", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.s390x as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.s390x", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:1.0.8-1.4.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" }, "product_reference": "firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "relates_to_product_reference": "4WS" } ] }, "vulnerabilities": [ { "cve": "CVE-2006-0748", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618020" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via \"an invalid and non-sensical ordering of table-related tags\" that results in a negative array index.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-0748" }, { "category": "external", "summary": "RHBZ#1618020", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618020" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-0748", "url": "https://www.cve.org/CVERecord?id=CVE-2006-0748" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-0748", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0748" } ], "release_date": "2006-04-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-14T15:54:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0328" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-0749", "discovery_date": "2005-12-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "183537" } ], "notes": [ { "category": "description", "text": "nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a \"particular sequence of HTML tags\" that leads to memory corruption.", "title": "Vulnerability description" }, { "category": "summary", "text": "Firefox Tag Order Vulnerability", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-0749" }, { "category": "external", "summary": "RHBZ#183537", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=183537" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-0749", "url": "https://www.cve.org/CVERecord?id=CVE-2006-0749" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-0749", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0749" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-14T15:54:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0328" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Firefox Tag Order Vulnerability" }, { "cve": "CVE-2006-1724", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618047" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to DHTML.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1724" }, { "category": "external", "summary": "RHBZ#1618047", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618047" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1724", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1724" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1724", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1724" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-14T15:54:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0328" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1727", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618048" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to the use of XBL scripts with \"Print Preview\".", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1727" }, { "category": "external", "summary": "RHBZ#1618048", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618048" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1727", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1727" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1727", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1727" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-14T15:54:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0328" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-1728", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618049" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypto.generateCRMFRequest method.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1728" }, { "category": "external", "summary": "RHBZ#1618049", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618049" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1728", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1728" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1728", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1728" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-14T15:54:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0328" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1729", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618050" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1729" }, { "category": "external", "summary": "RHBZ#1618050", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618050" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1729", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1729" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1729", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1729" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-14T15:54:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0328" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-1730", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618051" } ], "notes": [ { "category": "description", "text": "Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1730" }, { "category": "external", "summary": "RHBZ#1618051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618051" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1730", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1730" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1730", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1730" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-14T15:54:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0328" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1731", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618052" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 returns the Object class prototype instead of the global window object when (1) .valueOf.call or (2) .valueOf.apply are called without any arguments, which allows remote attackers to conduct cross-site scripting (XSS) attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1731" }, { "category": "external", "summary": "RHBZ#1618052", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618052" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1731", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1731" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1731", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1731" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-14T15:54:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0328" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-1732", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618053" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to bypass same-origin protections and conduct cross-site scripting (XSS) attacks via unspecified vectors involving the window.controllers array.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1732" }, { "category": "external", "summary": "RHBZ#1618053", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618053" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1732", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1732" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1732", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1732" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-14T15:54:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0328" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-1733", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618054" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute arbitrary code via the (1) valueOf.call or (2) valueOf.apply methods of an XBL binding, or (3) \"by inserting an XBL method into the DOM\u0027s document.body prototype chain.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1733" }, { "category": "external", "summary": "RHBZ#1618054", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618054" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1733", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1733" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1733", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1733" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-14T15:54:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0328" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1734", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618055" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using the Object.watch method to access the \"clone parent\" internal function.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1734" }, { "category": "external", "summary": "RHBZ#1618055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618055" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1734", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1734" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1734", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1734" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-14T15:54:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0328" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1735", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618056" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1735" }, { "category": "external", "summary": "RHBZ#1618056", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618056" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1735", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1735" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1735", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1735" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-14T15:54:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0328" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1737", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618057" } ], "notes": [ { "category": "description", "text": "Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1737" }, { "category": "external", "summary": "RHBZ#1618057", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618057" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1737", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1737" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1737", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1737" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-14T15:54:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0328" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1738", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618058" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) by changing the (1) -moz-grid and (2) -moz-grid-group display styles.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1738" }, { "category": "external", "summary": "RHBZ#1618058", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618058" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1738", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1738" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1738", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1738" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-14T15:54:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0328" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1739", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618059" } ], "notes": [ { "category": "description", "text": "The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain Cascading Style Sheets (CSS) that causes an out-of-bounds array write and buffer overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1739" }, { "category": "external", "summary": "RHBZ#1618059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618059" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1739", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1739" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1739", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1739" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-14T15:54:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0328" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1740", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618060" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1740" }, { "category": "external", "summary": "RHBZ#1618060", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618060" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1740", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1740" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1740", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1740" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-14T15:54:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0328" } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "security flaw" }, { "cve": "CVE-2006-1741", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618061" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by (1) \"using a modal alert to suspend an event handler while a new page is being loaded\", (2) using eval(), and using certain variants involving (3) \"new Script;\" and (4) using window.__proto__ to extend eval, aka \"cross-site JavaScript injection\".", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1741" }, { "category": "external", "summary": "RHBZ#1618061", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618061" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1741", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1741" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1741", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1741" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-14T15:54:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0328" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-1742", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618062" } ], "notes": [ { "category": "description", "text": "The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1742" }, { "category": "external", "summary": "RHBZ#1618062", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618062" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1742", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1742" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1742", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1742" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-14T15:54:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0328" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1790", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618063" } ], "notes": [ { "category": "description", "text": "A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1790" }, { "category": "external", "summary": "RHBZ#1618063", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618063" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1790", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1790" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1790", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1790" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-14T15:54:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:firefox-0:1.0.8-1.4.1.i386", "4AS:firefox-0:1.0.8-1.4.1.ia64", "4AS:firefox-0:1.0.8-1.4.1.ppc", "4AS:firefox-0:1.0.8-1.4.1.s390", "4AS:firefox-0:1.0.8-1.4.1.s390x", "4AS:firefox-0:1.0.8-1.4.1.src", "4AS:firefox-0:1.0.8-1.4.1.x86_64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-0:1.0.8-1.4.1.i386", "4Desktop:firefox-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-0:1.0.8-1.4.1.s390", "4Desktop:firefox-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-0:1.0.8-1.4.1.src", "4Desktop:firefox-0:1.0.8-1.4.1.x86_64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:firefox-0:1.0.8-1.4.1.i386", "4ES:firefox-0:1.0.8-1.4.1.ia64", "4ES:firefox-0:1.0.8-1.4.1.ppc", "4ES:firefox-0:1.0.8-1.4.1.s390", "4ES:firefox-0:1.0.8-1.4.1.s390x", "4ES:firefox-0:1.0.8-1.4.1.src", "4ES:firefox-0:1.0.8-1.4.1.x86_64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:firefox-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:firefox-0:1.0.8-1.4.1.i386", "4WS:firefox-0:1.0.8-1.4.1.ia64", "4WS:firefox-0:1.0.8-1.4.1.ppc", "4WS:firefox-0:1.0.8-1.4.1.s390", "4WS:firefox-0:1.0.8-1.4.1.s390x", "4WS:firefox-0:1.0.8-1.4.1.src", "4WS:firefox-0:1.0.8-1.4.1.x86_64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.i386", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:firefox-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0328" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" } ] }
rhsa-2006_0329
Vulnerability from csaf_redhat
Published
2006-04-18 11:12
Modified
2024-11-22 00:14
Summary
Red Hat Security Advisory: mozilla security update
Notes
Topic
Updated mozilla packages that fix several security bugs are now available.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
[Updated 24 Apr 2006]
The erratum text has been updated to include the details of additional
issues that were fixed by these erratum packages but which were not public
at the time of release. No changes have been made to the packages.
Details
Mozilla is an open source Web browser, advanced email and newsgroup client,
IRC chat client, and HTML editor.
Several bugs were found in the way Mozilla processes malformed javascript.
A malicious web page could modify the content of a different open web
page, possibly stealing sensitive information or conducting a cross-site
scripting attack. (CVE-2006-1731, CVE-2006-1732, CVE-2006-1741)
Several bugs were found in the way Mozilla processes certain javascript
actions. A malicious web page could execute arbitrary javascript
instructions with the permissions of "chrome", allowing the page to steal
sensitive information or install browser malware. (CVE-2006-1727,
CVE-2006-1728, CVE-2006-1733, CVE-2006-1734, CVE-2006-1735, CVE-2006-1742)
Several bugs were found in the way Mozilla processes malformed web pages.
A carefully crafted malicious web page could cause the execution of
arbitrary code as the user running Mozilla. (CVE-2006-0748, CVE-2006-0749,
CVE-2006-1730, CVE-2006-1737, CVE-2006-1738, CVE-2006-1739, CVE-2006-1790)
A bug was found in the way Mozilla displays the secure site icon. If a
browser is configured to display the non-default secure site modal warning
dialog, it may be possible to trick a user into believing they are viewing
a secure site. (CVE-2006-1740)
A bug was found in the way Mozilla allows javascript mutation events on
"input" form elements. A malicious web page could be created in such a way
that when a user submits a form, an arbitrary file could be uploaded to the
attacker. (CVE-2006-1729)
A bug was found in the way Mozilla executes in-line mail forwarding. If a
user can be tricked into forwarding a maliciously crafted mail message as
in-line content, it is possible for the message to execute javascript with
the permissions of "chrome". (CVE-2006-0884)
Users of Mozilla are advised to upgrade to these updated packages
containing Mozilla version 1.7.13 which corrects these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated mozilla packages that fix several security bugs are now available.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.\n\n[Updated 24 Apr 2006]\nThe erratum text has been updated to include the details of additional\nissues that were fixed by these erratum packages but which were not public\nat the time of release. No changes have been made to the packages.", "title": "Topic" }, { "category": "general", "text": "Mozilla is an open source Web browser, advanced email and newsgroup client,\nIRC chat client, and HTML editor.\n\nSeveral bugs were found in the way Mozilla processes malformed javascript.\nA malicious web page could modify the content of a different open web\npage, possibly stealing sensitive information or conducting a cross-site\nscripting attack. (CVE-2006-1731, CVE-2006-1732, CVE-2006-1741)\n\nSeveral bugs were found in the way Mozilla processes certain javascript\nactions. A malicious web page could execute arbitrary javascript\ninstructions with the permissions of \"chrome\", allowing the page to steal\nsensitive information or install browser malware. (CVE-2006-1727,\nCVE-2006-1728, CVE-2006-1733, CVE-2006-1734, CVE-2006-1735, CVE-2006-1742)\n\nSeveral bugs were found in the way Mozilla processes malformed web pages. \nA carefully crafted malicious web page could cause the execution of\narbitrary code as the user running Mozilla. (CVE-2006-0748, CVE-2006-0749,\nCVE-2006-1730, CVE-2006-1737, CVE-2006-1738, CVE-2006-1739, CVE-2006-1790)\n\nA bug was found in the way Mozilla displays the secure site icon. If a\nbrowser is configured to display the non-default secure site modal warning\ndialog, it may be possible to trick a user into believing they are viewing\na secure site. (CVE-2006-1740)\n\nA bug was found in the way Mozilla allows javascript mutation events on\n\"input\" form elements. A malicious web page could be created in such a way\nthat when a user submits a form, an arbitrary file could be uploaded to the\nattacker. (CVE-2006-1729)\n\nA bug was found in the way Mozilla executes in-line mail forwarding. If a\nuser can be tricked into forwarding a maliciously crafted mail message as\nin-line content, it is possible for the message to execute javascript with\nthe permissions of \"chrome\". (CVE-2006-0884)\n\nUsers of Mozilla are advised to upgrade to these updated packages\ncontaining Mozilla version 1.7.13 which corrects these issues.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2006:0329", "url": "https://access.redhat.com/errata/RHSA-2006:0329" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.13", "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.13" }, { "category": "external", "summary": "188776", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188776" }, { "category": "external", "summary": "188778", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188778" }, { "category": "external", "summary": "188780", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188780" }, { "category": "external", "summary": "188782", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188782" }, { "category": "external", "summary": "188784", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188784" }, { "category": "external", "summary": "188787", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188787" }, { "category": "external", "summary": "188789", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188789" }, { "category": "external", "summary": "188791", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188791" }, { "category": "external", "summary": "188793", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188793" }, { "category": "external", "summary": "188795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188795" }, { "category": "external", "summary": "188799", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188799" }, { "category": "external", "summary": "188801", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188801" }, { "category": "external", "summary": "188803", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188803" }, { "category": "external", "summary": "188805", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188805" }, { "category": "external", "summary": "188807", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188807" }, { "category": "external", "summary": "188810", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188810" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0329.json" } ], "title": "Red Hat Security Advisory: mozilla security update", "tracking": { "current_release_date": "2024-11-22T00:14:25+00:00", "generator": { "date": "2024-11-22T00:14:25+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2006:0329", "initial_release_date": "2006-04-18T11:12:00+00:00", "revision_history": [ { "date": "2006-04-18T11:12:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2006-04-18T00:00:00+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T00:14:25+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AS version 4", "product": { "name": "Red Hat Enterprise Linux AS version 4", "product_id": "4AS", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::as" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop version 4", "product": { "name": "Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::desktop" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ES version 4", "product": { "name": "Red Hat Enterprise Linux ES version 4", "product_id": "4ES", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::es" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux WS version 4", "product": { "name": "Red Hat Enterprise Linux WS version 4", "product_id": "4WS", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::ws" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "devhelp-0:0.9.2-2.4.8.src", "product": { "name": "devhelp-0:0.9.2-2.4.8.src", "product_id": "devhelp-0:0.9.2-2.4.8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/devhelp@0.9.2-2.4.8?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "devhelp-0:0.9.2-2.4.8.x86_64", "product": { "name": "devhelp-0:0.9.2-2.4.8.x86_64", "product_id": "devhelp-0:0.9.2-2.4.8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/devhelp@0.9.2-2.4.8?arch=x86_64" } } }, { "category": "product_version", "name": "devhelp-devel-0:0.9.2-2.4.8.x86_64", "product": { "name": "devhelp-devel-0:0.9.2-2.4.8.x86_64", "product_id": "devhelp-devel-0:0.9.2-2.4.8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/devhelp-devel@0.9.2-2.4.8?arch=x86_64" } } }, { "category": "product_version", "name": "devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "product": { "name": "devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "product_id": "devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/devhelp-debuginfo@0.9.2-2.4.8?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "devhelp-0:0.9.2-2.4.8.i386", "product": { "name": "devhelp-0:0.9.2-2.4.8.i386", "product_id": "devhelp-0:0.9.2-2.4.8.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/devhelp@0.9.2-2.4.8?arch=i386" } } }, { "category": "product_version", "name": "devhelp-devel-0:0.9.2-2.4.8.i386", "product": { "name": "devhelp-devel-0:0.9.2-2.4.8.i386", "product_id": "devhelp-devel-0:0.9.2-2.4.8.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/devhelp-devel@0.9.2-2.4.8?arch=i386" } } }, { "category": "product_version", "name": "devhelp-debuginfo-0:0.9.2-2.4.8.i386", "product": { "name": "devhelp-debuginfo-0:0.9.2-2.4.8.i386", "product_id": "devhelp-debuginfo-0:0.9.2-2.4.8.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/devhelp-debuginfo@0.9.2-2.4.8?arch=i386" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "devhelp-0:0.9.2-2.4.8.ppc", "product": { "name": "devhelp-0:0.9.2-2.4.8.ppc", "product_id": "devhelp-0:0.9.2-2.4.8.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/devhelp@0.9.2-2.4.8?arch=ppc" } } }, { "category": "product_version", "name": "devhelp-devel-0:0.9.2-2.4.8.ppc", "product": { "name": "devhelp-devel-0:0.9.2-2.4.8.ppc", "product_id": "devhelp-devel-0:0.9.2-2.4.8.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/devhelp-devel@0.9.2-2.4.8?arch=ppc" } } }, { "category": "product_version", "name": "devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "product": { "name": "devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "product_id": "devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/devhelp-debuginfo@0.9.2-2.4.8?arch=ppc" } } } ], "category": "architecture", "name": "ppc" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "devhelp-0:0.9.2-2.4.8.i386 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:devhelp-0:0.9.2-2.4.8.i386" }, "product_reference": "devhelp-0:0.9.2-2.4.8.i386", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-0:0.9.2-2.4.8.ppc as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:devhelp-0:0.9.2-2.4.8.ppc" }, "product_reference": "devhelp-0:0.9.2-2.4.8.ppc", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-0:0.9.2-2.4.8.src as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:devhelp-0:0.9.2-2.4.8.src" }, "product_reference": "devhelp-0:0.9.2-2.4.8.src", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-0:0.9.2-2.4.8.x86_64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:devhelp-0:0.9.2-2.4.8.x86_64" }, "product_reference": "devhelp-0:0.9.2-2.4.8.x86_64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-debuginfo-0:0.9.2-2.4.8.i386 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386" }, "product_reference": "devhelp-debuginfo-0:0.9.2-2.4.8.i386", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-debuginfo-0:0.9.2-2.4.8.ppc as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc" }, "product_reference": "devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-debuginfo-0:0.9.2-2.4.8.x86_64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64" }, "product_reference": "devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-devel-0:0.9.2-2.4.8.i386 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:devhelp-devel-0:0.9.2-2.4.8.i386" }, "product_reference": "devhelp-devel-0:0.9.2-2.4.8.i386", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-devel-0:0.9.2-2.4.8.ppc as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc" }, "product_reference": "devhelp-devel-0:0.9.2-2.4.8.ppc", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-devel-0:0.9.2-2.4.8.x86_64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64" }, "product_reference": "devhelp-devel-0:0.9.2-2.4.8.x86_64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-0:0.9.2-2.4.8.i386 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:devhelp-0:0.9.2-2.4.8.i386" }, "product_reference": "devhelp-0:0.9.2-2.4.8.i386", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-0:0.9.2-2.4.8.ppc as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:devhelp-0:0.9.2-2.4.8.ppc" }, "product_reference": "devhelp-0:0.9.2-2.4.8.ppc", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-0:0.9.2-2.4.8.src as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:devhelp-0:0.9.2-2.4.8.src" }, "product_reference": "devhelp-0:0.9.2-2.4.8.src", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-0:0.9.2-2.4.8.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64" }, "product_reference": "devhelp-0:0.9.2-2.4.8.x86_64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-debuginfo-0:0.9.2-2.4.8.i386 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386" }, "product_reference": "devhelp-debuginfo-0:0.9.2-2.4.8.i386", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-debuginfo-0:0.9.2-2.4.8.ppc as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc" }, "product_reference": "devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-debuginfo-0:0.9.2-2.4.8.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64" }, "product_reference": "devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-devel-0:0.9.2-2.4.8.i386 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386" }, "product_reference": "devhelp-devel-0:0.9.2-2.4.8.i386", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-devel-0:0.9.2-2.4.8.ppc as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc" }, "product_reference": "devhelp-devel-0:0.9.2-2.4.8.ppc", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-devel-0:0.9.2-2.4.8.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64" }, "product_reference": "devhelp-devel-0:0.9.2-2.4.8.x86_64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-0:0.9.2-2.4.8.i386 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:devhelp-0:0.9.2-2.4.8.i386" }, "product_reference": "devhelp-0:0.9.2-2.4.8.i386", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-0:0.9.2-2.4.8.ppc as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:devhelp-0:0.9.2-2.4.8.ppc" }, "product_reference": "devhelp-0:0.9.2-2.4.8.ppc", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-0:0.9.2-2.4.8.src as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:devhelp-0:0.9.2-2.4.8.src" }, "product_reference": "devhelp-0:0.9.2-2.4.8.src", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-0:0.9.2-2.4.8.x86_64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:devhelp-0:0.9.2-2.4.8.x86_64" }, "product_reference": "devhelp-0:0.9.2-2.4.8.x86_64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-debuginfo-0:0.9.2-2.4.8.i386 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386" }, "product_reference": "devhelp-debuginfo-0:0.9.2-2.4.8.i386", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-debuginfo-0:0.9.2-2.4.8.ppc as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc" }, "product_reference": "devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-debuginfo-0:0.9.2-2.4.8.x86_64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64" }, "product_reference": "devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-devel-0:0.9.2-2.4.8.i386 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:devhelp-devel-0:0.9.2-2.4.8.i386" }, "product_reference": "devhelp-devel-0:0.9.2-2.4.8.i386", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-devel-0:0.9.2-2.4.8.ppc as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc" }, "product_reference": "devhelp-devel-0:0.9.2-2.4.8.ppc", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-devel-0:0.9.2-2.4.8.x86_64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64" }, "product_reference": "devhelp-devel-0:0.9.2-2.4.8.x86_64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-0:0.9.2-2.4.8.i386 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:devhelp-0:0.9.2-2.4.8.i386" }, "product_reference": "devhelp-0:0.9.2-2.4.8.i386", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-0:0.9.2-2.4.8.ppc as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:devhelp-0:0.9.2-2.4.8.ppc" }, "product_reference": "devhelp-0:0.9.2-2.4.8.ppc", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-0:0.9.2-2.4.8.src as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:devhelp-0:0.9.2-2.4.8.src" }, "product_reference": "devhelp-0:0.9.2-2.4.8.src", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-0:0.9.2-2.4.8.x86_64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:devhelp-0:0.9.2-2.4.8.x86_64" }, "product_reference": "devhelp-0:0.9.2-2.4.8.x86_64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-debuginfo-0:0.9.2-2.4.8.i386 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386" }, "product_reference": "devhelp-debuginfo-0:0.9.2-2.4.8.i386", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-debuginfo-0:0.9.2-2.4.8.ppc as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc" }, "product_reference": "devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-debuginfo-0:0.9.2-2.4.8.x86_64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64" }, "product_reference": "devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-devel-0:0.9.2-2.4.8.i386 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:devhelp-devel-0:0.9.2-2.4.8.i386" }, "product_reference": "devhelp-devel-0:0.9.2-2.4.8.i386", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-devel-0:0.9.2-2.4.8.ppc as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc" }, "product_reference": "devhelp-devel-0:0.9.2-2.4.8.ppc", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "devhelp-devel-0:0.9.2-2.4.8.x86_64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" }, "product_reference": "devhelp-devel-0:0.9.2-2.4.8.x86_64", "relates_to_product_reference": "4WS" } ] }, "vulnerabilities": [ { "cve": "CVE-2006-0748", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618020" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via \"an invalid and non-sensical ordering of table-related tags\" that results in a negative array index.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-0748" }, { "category": "external", "summary": "RHBZ#1618020", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618020" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-0748", "url": "https://www.cve.org/CVERecord?id=CVE-2006-0748" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-0748", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0748" } ], "release_date": "2006-04-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-0749", "discovery_date": "2005-12-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "183537" } ], "notes": [ { "category": "description", "text": "nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a \"particular sequence of HTML tags\" that leads to memory corruption.", "title": "Vulnerability description" }, { "category": "summary", "text": "Firefox Tag Order Vulnerability", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-0749" }, { "category": "external", "summary": "RHBZ#183537", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=183537" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-0749", "url": "https://www.cve.org/CVERecord?id=CVE-2006-0749" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-0749", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0749" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Firefox Tag Order Vulnerability" }, { "cve": "CVE-2006-0884", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618021" } ], "notes": [ { "category": "description", "text": "The WYSIWYG rendering engine (\"rich mail\" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-0884" }, { "category": "external", "summary": "RHBZ#1618021", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618021" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-0884", "url": "https://www.cve.org/CVERecord?id=CVE-2006-0884" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-0884", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0884" } ], "release_date": "2006-04-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-1724", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618047" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to DHTML.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1724" }, { "category": "external", "summary": "RHBZ#1618047", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618047" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1724", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1724" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1724", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1724" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1727", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618048" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to the use of XBL scripts with \"Print Preview\".", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1727" }, { "category": "external", "summary": "RHBZ#1618048", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618048" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1727", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1727" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1727", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1727" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-1728", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618049" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypto.generateCRMFRequest method.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1728" }, { "category": "external", "summary": "RHBZ#1618049", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618049" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1728", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1728" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1728", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1728" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1729", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618050" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1729" }, { "category": "external", "summary": "RHBZ#1618050", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618050" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1729", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1729" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1729", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1729" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-1730", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618051" } ], "notes": [ { "category": "description", "text": "Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1730" }, { "category": "external", "summary": "RHBZ#1618051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618051" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1730", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1730" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1730", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1730" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1731", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618052" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 returns the Object class prototype instead of the global window object when (1) .valueOf.call or (2) .valueOf.apply are called without any arguments, which allows remote attackers to conduct cross-site scripting (XSS) attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1731" }, { "category": "external", "summary": "RHBZ#1618052", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618052" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1731", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1731" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1731", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1731" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-1732", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618053" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to bypass same-origin protections and conduct cross-site scripting (XSS) attacks via unspecified vectors involving the window.controllers array.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1732" }, { "category": "external", "summary": "RHBZ#1618053", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618053" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1732", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1732" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1732", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1732" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-1733", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618054" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute arbitrary code via the (1) valueOf.call or (2) valueOf.apply methods of an XBL binding, or (3) \"by inserting an XBL method into the DOM\u0027s document.body prototype chain.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1733" }, { "category": "external", "summary": "RHBZ#1618054", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618054" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1733", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1733" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1733", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1733" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1734", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618055" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using the Object.watch method to access the \"clone parent\" internal function.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1734" }, { "category": "external", "summary": "RHBZ#1618055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618055" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1734", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1734" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1734", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1734" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1735", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618056" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1735" }, { "category": "external", "summary": "RHBZ#1618056", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618056" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1735", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1735" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1735", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1735" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1737", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618057" } ], "notes": [ { "category": "description", "text": "Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1737" }, { "category": "external", "summary": "RHBZ#1618057", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618057" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1737", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1737" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1737", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1737" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1738", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618058" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) by changing the (1) -moz-grid and (2) -moz-grid-group display styles.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1738" }, { "category": "external", "summary": "RHBZ#1618058", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618058" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1738", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1738" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1738", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1738" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1739", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618059" } ], "notes": [ { "category": "description", "text": "The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain Cascading Style Sheets (CSS) that causes an out-of-bounds array write and buffer overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1739" }, { "category": "external", "summary": "RHBZ#1618059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618059" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1739", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1739" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1739", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1739" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1740", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618060" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1740" }, { "category": "external", "summary": "RHBZ#1618060", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618060" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1740", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1740" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1740", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1740" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "security flaw" }, { "cve": "CVE-2006-1741", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618061" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by (1) \"using a modal alert to suspend an event handler while a new page is being loaded\", (2) using eval(), and using certain variants involving (3) \"new Script;\" and (4) using window.__proto__ to extend eval, aka \"cross-site JavaScript injection\".", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1741" }, { "category": "external", "summary": "RHBZ#1618061", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618061" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1741", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1741" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1741", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1741" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-1742", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618062" } ], "notes": [ { "category": "description", "text": "The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1742" }, { "category": "external", "summary": "RHBZ#1618062", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618062" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1742", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1742" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1742", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1742" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1790", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618063" } ], "notes": [ { "category": "description", "text": "A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1790" }, { "category": "external", "summary": "RHBZ#1618063", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618063" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1790", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1790" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1790", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1790" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-18T11:12:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:devhelp-0:0.9.2-2.4.8.i386", "4AS:devhelp-0:0.9.2-2.4.8.ppc", "4AS:devhelp-0:0.9.2-2.4.8.src", "4AS:devhelp-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4AS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4AS:devhelp-devel-0:0.9.2-2.4.8.i386", "4AS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4AS:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-0:0.9.2-2.4.8.src", "4Desktop:devhelp-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.i386", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.ppc", "4Desktop:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-0:0.9.2-2.4.8.i386", "4ES:devhelp-0:0.9.2-2.4.8.ppc", "4ES:devhelp-0:0.9.2-2.4.8.src", "4ES:devhelp-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4ES:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4ES:devhelp-devel-0:0.9.2-2.4.8.i386", "4ES:devhelp-devel-0:0.9.2-2.4.8.ppc", "4ES:devhelp-devel-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-0:0.9.2-2.4.8.i386", "4WS:devhelp-0:0.9.2-2.4.8.ppc", "4WS:devhelp-0:0.9.2-2.4.8.src", "4WS:devhelp-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.i386", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.ppc", "4WS:devhelp-debuginfo-0:0.9.2-2.4.8.x86_64", "4WS:devhelp-devel-0:0.9.2-2.4.8.i386", "4WS:devhelp-devel-0:0.9.2-2.4.8.ppc", "4WS:devhelp-devel-0:0.9.2-2.4.8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0329" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" } ] }
rhsa-2006_0330
Vulnerability from csaf_redhat
Published
2006-04-21 15:41
Modified
2024-11-22 00:14
Summary
Red Hat Security Advisory: thunderbird security update
Notes
Topic
Updated thunderbird packages that fix various bugs are now available for
Red Hat Enterprise Linux 4.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
[Updated 24 Apr 2006]
The erratum text has been updated to include the details of additional
issues that were fixed by these erratum packages but which were not public
at the time of release. No changes have been made to the packages.
Details
Mozilla Thunderbird is a standalone mail and newsgroup client.
Several bugs were found in the way Thunderbird processes malformed
javascript. A malicious HTML mail message could modify the content of a
different open HTML mail message, possibly stealing sensitive information
or conducting a cross-site scripting attack. Please note that JavaScript
support is disabled by default in Thunderbird. (CVE-2006-1731,
CVE-2006-1732, CVE-2006-1741)
Several bugs were found in the way Thunderbird processes certain
javascript actions. A malicious HTML mail message could execute arbitrary
javascript instructions with the permissions of 'chrome', allowing the
page to steal sensitive information or install browser malware. Please
note that JavaScript support is disabled by default in Thunderbird.
(CVE-2006-0292, CVE-2006-0296, CVE-2006-1727, CVE-2006-1728, CVE-2006-1733,
CVE-2006-1734, CVE-2006-1735, CVE-2006-1742)
Several bugs were found in the way Thunderbird processes malformed HTML
mail messages. A carefully crafted malicious HTML mail message could
cause the execution of arbitrary code as the user running Thunderbird.
(CVE-2006-0748, CVE-2006-0749, CVE-2006-1724, CVE-2006-1730, CVE-2006-1737,
CVE-2006-1738, CVE-2006-1739, CVE-2006-1790)
A bug was found in the way Thunderbird processes certain inline content
in HTML mail messages. It may be possible for a remote attacker to send a
carefully crafted mail message to the victim, which will fetch remote
content, even if Thunderbird is configured not to fetch remote content.
(CVE-2006-1045)
A bug was found in the way Thunderbird executes in-line mail forwarding. If
a user can be tricked into forwarding a maliciously crafted mail message as
in-line content, it is possible for the message to execute javascript with
the permissions of "chrome". (CVE-2006-0884)
Users of Thunderbird are advised to upgrade to these updated packages
containing Thunderbird version 1.0.8, which is not vulnerable to these
issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated thunderbird packages that fix various bugs are now available for\nRed Hat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.\n\n[Updated 24 Apr 2006]\nThe erratum text has been updated to include the details of additional\nissues that were fixed by these erratum packages but which were not public\nat the time of release. No changes have been made to the packages.", "title": "Topic" }, { "category": "general", "text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral bugs were found in the way Thunderbird processes malformed\njavascript. A malicious HTML mail message could modify the content of a\ndifferent open HTML mail message, possibly stealing sensitive information\nor conducting a cross-site scripting attack. Please note that JavaScript\nsupport is disabled by default in Thunderbird. (CVE-2006-1731,\nCVE-2006-1732, CVE-2006-1741)\n\nSeveral bugs were found in the way Thunderbird processes certain \njavascript actions. A malicious HTML mail message could execute arbitrary \njavascript instructions with the permissions of \u0027chrome\u0027, allowing the \npage to steal sensitive information or install browser malware. Please \nnote that JavaScript support is disabled by default in Thunderbird. \n(CVE-2006-0292, CVE-2006-0296, CVE-2006-1727, CVE-2006-1728, CVE-2006-1733,\nCVE-2006-1734, CVE-2006-1735, CVE-2006-1742)\n\nSeveral bugs were found in the way Thunderbird processes malformed HTML\nmail messages. A carefully crafted malicious HTML mail message could \ncause the execution of arbitrary code as the user running Thunderbird.\n(CVE-2006-0748, CVE-2006-0749, CVE-2006-1724, CVE-2006-1730, CVE-2006-1737,\nCVE-2006-1738, CVE-2006-1739, CVE-2006-1790)\n\nA bug was found in the way Thunderbird processes certain inline content \nin HTML mail messages. It may be possible for a remote attacker to send a\ncarefully crafted mail message to the victim, which will fetch remote\ncontent, even if Thunderbird is configured not to fetch remote content.\n(CVE-2006-1045)\n\nA bug was found in the way Thunderbird executes in-line mail forwarding. If\na user can be tricked into forwarding a maliciously crafted mail message as\nin-line content, it is possible for the message to execute javascript with\nthe permissions of \"chrome\". (CVE-2006-0884)\n\nUsers of Thunderbird are advised to upgrade to these updated packages\ncontaining Thunderbird version 1.0.8, which is not vulnerable to these \nissues.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2006:0330", "url": "https://access.redhat.com/errata/RHSA-2006:0330" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "http://www.mozilla.org/projects/security/known-", "url": "http://www.mozilla.org/projects/security/known-" }, { "category": "external", "summary": "188848", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188848" }, { "category": "external", "summary": "188850", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188850" }, { "category": "external", "summary": "188852", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188852" }, { "category": "external", "summary": "188855", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188855" }, { "category": "external", "summary": "188857", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188857" }, { "category": "external", "summary": "188859", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188859" }, { "category": "external", "summary": "188861", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188861" }, { "category": "external", "summary": "188863", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188863" }, { "category": "external", "summary": "188865", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188865" }, { "category": "external", "summary": "188867", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188867" }, { "category": "external", "summary": "188869", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188869" }, { "category": "external", "summary": "188871", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188871" }, { "category": "external", "summary": "188873", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188873" }, { "category": "external", "summary": "188875", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188875" }, { "category": "external", "summary": "188877", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188877" }, { "category": "external", "summary": "188879", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=188879" }, { "category": "external", "summary": "189180", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=189180" }, { "category": "external", "summary": "189181", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=189181" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0330.json" } ], "title": "Red Hat Security Advisory: thunderbird security update", "tracking": { "current_release_date": "2024-11-22T00:14:29+00:00", "generator": { "date": "2024-11-22T00:14:29+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2006:0330", "initial_release_date": "2006-04-21T15:41:00+00:00", "revision_history": [ { "date": "2006-04-21T15:41:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2006-04-21T00:00:00+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T00:14:29+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AS version 4", "product": { "name": "Red Hat Enterprise Linux AS version 4", "product_id": "4AS", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::as" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop version 4", "product": { "name": "Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::desktop" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ES version 4", "product": { "name": "Red Hat Enterprise Linux ES version 4", "product_id": "4ES", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::es" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux WS version 4", "product": { "name": "Red Hat Enterprise Linux WS version 4", "product_id": "4WS", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::ws" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "product": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "product_id": "thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.0.8-1.4.1?arch=ia64" } } }, { "category": "product_version", "name": "thunderbird-0:1.0.8-1.4.1.ia64", "product": { "name": "thunderbird-0:1.0.8-1.4.1.ia64", "product_id": "thunderbird-0:1.0.8-1.4.1.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@1.0.8-1.4.1?arch=ia64" } } } ], "category": "architecture", "name": "ia64" }, { "branches": [ { "category": "product_version", "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "product": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "product_id": "thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.0.8-1.4.1?arch=x86_64" } } }, { "category": "product_version", "name": "thunderbird-0:1.0.8-1.4.1.x86_64", "product": { "name": "thunderbird-0:1.0.8-1.4.1.x86_64", "product_id": "thunderbird-0:1.0.8-1.4.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@1.0.8-1.4.1?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "product": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "product_id": "thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.0.8-1.4.1?arch=i386" } } }, { "category": "product_version", "name": "thunderbird-0:1.0.8-1.4.1.i386", "product": { "name": "thunderbird-0:1.0.8-1.4.1.i386", "product_id": "thunderbird-0:1.0.8-1.4.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@1.0.8-1.4.1?arch=i386" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "thunderbird-0:1.0.8-1.4.1.src", "product": { "name": "thunderbird-0:1.0.8-1.4.1.src", "product_id": "thunderbird-0:1.0.8-1.4.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@1.0.8-1.4.1?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "product": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "product_id": "thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.0.8-1.4.1?arch=ppc" } } }, { "category": "product_version", "name": "thunderbird-0:1.0.8-1.4.1.ppc", "product": { "name": "thunderbird-0:1.0.8-1.4.1.ppc", "product_id": "thunderbird-0:1.0.8-1.4.1.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@1.0.8-1.4.1?arch=ppc" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "product": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "product_id": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.0.8-1.4.1?arch=s390x" } } }, { "category": "product_version", "name": "thunderbird-0:1.0.8-1.4.1.s390x", "product": { "name": "thunderbird-0:1.0.8-1.4.1.s390x", "product_id": "thunderbird-0:1.0.8-1.4.1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@1.0.8-1.4.1?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "product": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "product_id": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.0.8-1.4.1?arch=s390" } } }, { "category": "product_version", "name": "thunderbird-0:1.0.8-1.4.1.s390", "product": { "name": "thunderbird-0:1.0.8-1.4.1.s390", "product_id": "thunderbird-0:1.0.8-1.4.1.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@1.0.8-1.4.1?arch=s390" } } } ], "category": "architecture", "name": "s390" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.i386 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-0:1.0.8-1.4.1.i386" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.i386", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.ia64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-0:1.0.8-1.4.1.ia64" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.ia64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.ppc as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-0:1.0.8-1.4.1.ppc" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.ppc", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.s390 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-0:1.0.8-1.4.1.s390" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.s390", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.s390x as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-0:1.0.8-1.4.1.s390x" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.s390x", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.src as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-0:1.0.8-1.4.1.src" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.src", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-0:1.0.8-1.4.1.x86_64" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.x86_64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.i386 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.ia64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.ppc as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390x as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-0:1.0.8-1.4.1.i386" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.i386", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.ia64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.ppc", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-0:1.0.8-1.4.1.s390" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.s390", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.s390x", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.src as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-0:1.0.8-1.4.1.src" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.src", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.x86_64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.i386 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-0:1.0.8-1.4.1.i386" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.i386", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.ia64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-0:1.0.8-1.4.1.ia64" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.ia64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.ppc as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-0:1.0.8-1.4.1.ppc" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.ppc", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.s390 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-0:1.0.8-1.4.1.s390" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.s390", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.s390x as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-0:1.0.8-1.4.1.s390x" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.s390x", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.src as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-0:1.0.8-1.4.1.src" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.src", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-0:1.0.8-1.4.1.x86_64" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.x86_64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.i386 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.ia64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.ppc as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390x as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.i386 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-0:1.0.8-1.4.1.i386" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.i386", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.ia64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-0:1.0.8-1.4.1.ia64" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.ia64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.ppc as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-0:1.0.8-1.4.1.ppc" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.ppc", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.s390 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-0:1.0.8-1.4.1.s390" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.s390", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.s390x as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-0:1.0.8-1.4.1.s390x" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.s390x", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.src as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-0:1.0.8-1.4.1.src" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.src", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.0.8-1.4.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-0:1.0.8-1.4.1.x86_64" }, "product_reference": "thunderbird-0:1.0.8-1.4.1.x86_64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.i386 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.ia64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.ppc as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390x as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" }, "product_reference": "thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "relates_to_product_reference": "4WS" } ] }, "vulnerabilities": [ { "cve": "CVE-2006-0292", "discovery_date": "2006-01-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1617879" } ], "notes": [ { "category": "description", "text": "The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack vectors related to garbage collection.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-0292" }, { "category": "external", "summary": "RHBZ#1617879", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617879" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-0292", "url": "https://www.cve.org/CVERecord?id=CVE-2006-0292" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-0292", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0292" } ], "release_date": "2006-02-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-0296", "discovery_date": "2006-01-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1617880" } ], "notes": [ { "category": "description", "text": "The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the user\u0027s localstore.rdf file.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-0296" }, { "category": "external", "summary": "RHBZ#1617880", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617880" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-0296", "url": "https://www.cve.org/CVERecord?id=CVE-2006-0296" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-0296", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0296" } ], "release_date": "2006-02-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "security flaw" }, { "cve": "CVE-2006-0748", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618020" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via \"an invalid and non-sensical ordering of table-related tags\" that results in a negative array index.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-0748" }, { "category": "external", "summary": "RHBZ#1618020", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618020" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-0748", "url": "https://www.cve.org/CVERecord?id=CVE-2006-0748" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-0748", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0748" } ], "release_date": "2006-04-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-0749", "discovery_date": "2005-12-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "183537" } ], "notes": [ { "category": "description", "text": "nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a \"particular sequence of HTML tags\" that leads to memory corruption.", "title": "Vulnerability description" }, { "category": "summary", "text": "Firefox Tag Order Vulnerability", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-0749" }, { "category": "external", "summary": "RHBZ#183537", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=183537" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-0749", "url": "https://www.cve.org/CVERecord?id=CVE-2006-0749" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-0749", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0749" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Firefox Tag Order Vulnerability" }, { "cve": "CVE-2006-0884", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618021" } ], "notes": [ { "category": "description", "text": "The WYSIWYG rendering engine (\"rich mail\" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-0884" }, { "category": "external", "summary": "RHBZ#1618021", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618021" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-0884", "url": "https://www.cve.org/CVERecord?id=CVE-2006-0884" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-0884", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0884" } ], "release_date": "2006-04-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-1045", "discovery_date": "2006-03-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618023" } ], "notes": [ { "category": "description", "text": "The HTML rendering engine in Mozilla Thunderbird 1.5, when \"Block loading of remote images in mail messages\" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP address, when the user reads the email and the external image is accessed.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1045" }, { "category": "external", "summary": "RHBZ#1618023", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618023" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1045", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1045" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1045", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1045" } ], "release_date": "2006-02-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-1724", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618047" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to DHTML.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1724" }, { "category": "external", "summary": "RHBZ#1618047", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618047" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1724", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1724" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1724", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1724" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1727", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618048" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to the use of XBL scripts with \"Print Preview\".", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1727" }, { "category": "external", "summary": "RHBZ#1618048", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618048" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1727", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1727" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1727", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1727" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-1728", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618049" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypto.generateCRMFRequest method.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1728" }, { "category": "external", "summary": "RHBZ#1618049", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618049" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1728", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1728" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1728", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1728" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1730", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618051" } ], "notes": [ { "category": "description", "text": "Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1730" }, { "category": "external", "summary": "RHBZ#1618051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618051" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1730", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1730" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1730", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1730" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1731", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618052" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 returns the Object class prototype instead of the global window object when (1) .valueOf.call or (2) .valueOf.apply are called without any arguments, which allows remote attackers to conduct cross-site scripting (XSS) attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1731" }, { "category": "external", "summary": "RHBZ#1618052", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618052" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1731", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1731" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1731", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1731" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-1732", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618053" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to bypass same-origin protections and conduct cross-site scripting (XSS) attacks via unspecified vectors involving the window.controllers array.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1732" }, { "category": "external", "summary": "RHBZ#1618053", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618053" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1732", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1732" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1732", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1732" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-1733", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618054" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute arbitrary code via the (1) valueOf.call or (2) valueOf.apply methods of an XBL binding, or (3) \"by inserting an XBL method into the DOM\u0027s document.body prototype chain.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1733" }, { "category": "external", "summary": "RHBZ#1618054", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618054" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1733", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1733" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1733", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1733" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1734", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618055" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using the Object.watch method to access the \"clone parent\" internal function.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1734" }, { "category": "external", "summary": "RHBZ#1618055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618055" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1734", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1734" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1734", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1734" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1735", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618056" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1735" }, { "category": "external", "summary": "RHBZ#1618056", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618056" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1735", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1735" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1735", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1735" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1737", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618057" } ], "notes": [ { "category": "description", "text": "Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1737" }, { "category": "external", "summary": "RHBZ#1618057", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618057" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1737", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1737" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1737", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1737" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1738", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618058" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) by changing the (1) -moz-grid and (2) -moz-grid-group display styles.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1738" }, { "category": "external", "summary": "RHBZ#1618058", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618058" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1738", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1738" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1738", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1738" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1739", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618059" } ], "notes": [ { "category": "description", "text": "The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain Cascading Style Sheets (CSS) that causes an out-of-bounds array write and buffer overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1739" }, { "category": "external", "summary": "RHBZ#1618059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618059" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1739", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1739" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1739", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1739" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1741", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618061" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by (1) \"using a modal alert to suspend an event handler while a new page is being loaded\", (2) using eval(), and using certain variants involving (3) \"new Script;\" and (4) using window.__proto__ to extend eval, aka \"cross-site JavaScript injection\".", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1741" }, { "category": "external", "summary": "RHBZ#1618061", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618061" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1741", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1741" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1741", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1741" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-1742", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618062" } ], "notes": [ { "category": "description", "text": "The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1742" }, { "category": "external", "summary": "RHBZ#1618062", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618062" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1742", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1742" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1742", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1742" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-1790", "discovery_date": "2006-04-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618063" } ], "notes": [ { "category": "description", "text": "A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-1790" }, { "category": "external", "summary": "RHBZ#1618063", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618063" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1790", "url": "https://www.cve.org/CVERecord?id=CVE-2006-1790" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1790", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1790" } ], "release_date": "2006-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-04-21T15:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.0.8-1.4.1.i386", "4AS:thunderbird-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-0:1.0.8-1.4.1.s390", "4AS:thunderbird-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-0:1.0.8-1.4.1.src", "4AS:thunderbird-0:1.0.8-1.4.1.x86_64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4AS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-0:1.0.8-1.4.1.src", "4Desktop:thunderbird-0:1.0.8-1.4.1.x86_64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4Desktop:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-0:1.0.8-1.4.1.i386", "4ES:thunderbird-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-0:1.0.8-1.4.1.s390", "4ES:thunderbird-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-0:1.0.8-1.4.1.src", "4ES:thunderbird-0:1.0.8-1.4.1.x86_64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4ES:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-0:1.0.8-1.4.1.i386", "4WS:thunderbird-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-0:1.0.8-1.4.1.s390", "4WS:thunderbird-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-0:1.0.8-1.4.1.src", "4WS:thunderbird-0:1.0.8-1.4.1.x86_64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.i386", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ia64", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.ppc", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.s390x", "4WS:thunderbird-debuginfo-0:1.0.8-1.4.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0330" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" } ] }
gsd-2006-1737
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2006-1737", "description": "Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression.", "id": "GSD-2006-1737", "references": [ "https://www.suse.com/security/cve/CVE-2006-1737.html", "https://www.debian.org/security/2006/dsa-1051", "https://www.debian.org/security/2006/dsa-1046", "https://www.debian.org/security/2006/dsa-1044", "https://access.redhat.com/errata/RHSA-2006:0330", "https://access.redhat.com/errata/RHSA-2006:0329", "https://access.redhat.com/errata/RHSA-2006:0328" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2006-1737" ], "details": "Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression.", "id": "GSD-2006-1737", "modified": "2023-12-13T01:19:55.522884Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2006-1737", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_affected": "=", "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://secunia.com/advisories/19823", "refsource": "MISC", "url": "http://secunia.com/advisories/19823" }, { "name": "http://www.novell.com/linux/security/advisories/2006_04_25.html", "refsource": "MISC", "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" }, { "name": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt", "refsource": "MISC", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "name": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc", "refsource": "MISC", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "name": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html", "refsource": "MISC", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "name": "http://secunia.com/advisories/19631", "refsource": "MISC", "url": "http://secunia.com/advisories/19631" }, { "name": "http://secunia.com/advisories/19696", "refsource": "MISC", "url": "http://secunia.com/advisories/19696" }, { "name": "http://secunia.com/advisories/19714", "refsource": "MISC", "url": "http://secunia.com/advisories/19714" }, { "name": "http://secunia.com/advisories/19721", "refsource": "MISC", "url": "http://secunia.com/advisories/19721" }, { "name": "http://secunia.com/advisories/19729", "refsource": "MISC", "url": "http://secunia.com/advisories/19729" }, { "name": "http://secunia.com/advisories/19746", "refsource": "MISC", "url": "http://secunia.com/advisories/19746" }, { "name": "http://secunia.com/advisories/19759", "refsource": "MISC", "url": "http://secunia.com/advisories/19759" }, { "name": "http://secunia.com/advisories/19780", "refsource": "MISC", "url": "http://secunia.com/advisories/19780" }, { "name": "http://secunia.com/advisories/19794", "refsource": "MISC", "url": "http://secunia.com/advisories/19794" }, { "name": "http://secunia.com/advisories/19811", "refsource": "MISC", "url": "http://secunia.com/advisories/19811" }, { "name": "http://secunia.com/advisories/19821", "refsource": "MISC", "url": "http://secunia.com/advisories/19821" }, { "name": "http://secunia.com/advisories/19852", "refsource": "MISC", "url": "http://secunia.com/advisories/19852" }, { "name": "http://secunia.com/advisories/19862", "refsource": "MISC", "url": "http://secunia.com/advisories/19862" }, { "name": "http://secunia.com/advisories/19902", "refsource": "MISC", "url": "http://secunia.com/advisories/19902" }, { "name": "http://secunia.com/advisories/19950", "refsource": "MISC", "url": "http://secunia.com/advisories/19950" }, { "name": "http://secunia.com/advisories/20051", "refsource": "MISC", "url": "http://secunia.com/advisories/20051" }, { "name": "http://secunia.com/advisories/21033", "refsource": "MISC", "url": "http://secunia.com/advisories/21033" }, { "name": "http://secunia.com/advisories/21622", "refsource": "MISC", "url": "http://secunia.com/advisories/21622" }, { "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1", "refsource": "MISC", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1", "refsource": "MISC", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm", "refsource": "MISC", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "name": "http://www.debian.org/security/2006/dsa-1044", "refsource": "MISC", "url": "http://www.debian.org/security/2006/dsa-1044" }, { "name": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml", "refsource": "MISC", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "name": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml", "refsource": "MISC", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "name": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml", "refsource": "MISC", "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" }, { "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075", "refsource": "MISC", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076", "refsource": "MISC", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078", "refsource": "MISC", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078" }, { "name": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html", "refsource": "MISC", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "name": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html", "refsource": "MISC", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "name": "http://www.redhat.com/support/errata/RHSA-2006-0328.html", "refsource": "MISC", "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "name": "http://www.redhat.com/support/errata/RHSA-2006-0329.html", "refsource": "MISC", "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "name": "http://www.redhat.com/support/errata/RHSA-2006-0330.html", "refsource": "MISC", "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" }, { "name": "http://www.securityfocus.com/archive/1/436296/100/0/threaded", "refsource": "MISC", "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "name": "http://www.securityfocus.com/archive/1/436338/100/0/threaded", "refsource": "MISC", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "name": "http://www.securityfocus.com/archive/1/438730/100/0/threaded", "refsource": "MISC", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "name": "http://www.securityfocus.com/bid/17516", "refsource": "MISC", "url": "http://www.securityfocus.com/bid/17516" }, { "name": "http://www.vupen.com/english/advisories/2006/1356", "refsource": "MISC", "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "name": "https://usn.ubuntu.com/271-1/", "refsource": "MISC", "url": "https://usn.ubuntu.com/271-1/" }, { "name": "https://usn.ubuntu.com/275-1/", "refsource": "MISC", "url": "https://usn.ubuntu.com/275-1/" }, { "name": "https://usn.ubuntu.com/276-1/", "refsource": "MISC", "url": "https://usn.ubuntu.com/276-1/" }, { "name": "http://secunia.com/advisories/19863", "refsource": "MISC", "url": "http://secunia.com/advisories/19863" }, { "name": "http://secunia.com/advisories/19941", "refsource": "MISC", "url": "http://secunia.com/advisories/19941" }, { "name": "http://www.debian.org/security/2006/dsa-1046", "refsource": "MISC", "url": "http://www.debian.org/security/2006/dsa-1046" }, { "name": "http://www.debian.org/security/2006/dsa-1051", "refsource": "MISC", "url": "http://www.debian.org/security/2006/dsa-1051" }, { "name": "http://www.securityfocus.com/archive/1/434524/100/0/threaded", "refsource": "MISC", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "name": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html", "refsource": "MISC", "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html" }, { "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-11.html", "refsource": "MISC", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-11.html" }, { "name": "http://www.kb.cert.org/vuls/id/329500", "refsource": "MISC", "url": "http://www.kb.cert.org/vuls/id/329500" }, { "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25808", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25808" }, { "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10817", "refsource": "MISC", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10817" }, { "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1829", "refsource": "MISC", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1829" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:mozilla_suite:1.7.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2006-1737" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-189" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-11.html", "refsource": "CONFIRM", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-11.html" }, { "name": "RHSA-2006:0328", "refsource": "REDHAT", "tags": [], "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "name": "VU#329500", "refsource": "CERT-VN", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/329500" }, { "name": "17516", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/17516" }, { "name": "19631", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/19631" }, { "name": "TA06-107A", "refsource": "CERT", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html" }, { "name": "DSA-1044", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2006/dsa-1044" }, { "name": "GLSA-200604-12", "refsource": "GENTOO", "tags": [], "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "name": "19759", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/19759" }, { "name": "19794", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/19794" }, { "name": "19821", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/19821" }, { "name": "DSA-1046", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2006/dsa-1046" }, { "name": "GLSA-200604-18", "refsource": "GENTOO", "tags": [], "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "name": "20060404-01-U", "refsource": "SGI", "tags": [], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" }, { "name": "19811", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/19811" }, { "name": "19823", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/19823" }, { "name": "19852", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/19852" }, { "name": "19862", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/19862" }, { "name": "19863", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/19863" }, { "name": "19902", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/19902" }, { "name": "DSA-1051", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2006/dsa-1051" }, { "name": "19950", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/19950" }, { "name": "19941", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/19941" }, { "name": "FEDORA-2006-410", "refsource": "FEDORA", "tags": [], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "name": "FEDORA-2006-411", "refsource": "FEDORA", "tags": [], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "name": "SUSE-SA:2006:021", "refsource": "SUSE", "tags": [], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "name": "19714", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/19714" }, { "name": "19721", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/19721" }, { "name": "19746", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/19746" }, { "name": "RHSA-2006:0329", "refsource": "REDHAT", "tags": [], "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "name": "RHSA-2006:0330", "refsource": "REDHAT", "tags": [], "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" }, { "name": "SCOSA-2006.26", "refsource": "SCO", "tags": [], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" }, { "name": "21033", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/21033" }, { "name": "102550", "refsource": "SUNALERT", "tags": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "name": "21622", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/21622" }, { "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm", "refsource": "CONFIRM", "tags": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "name": "GLSA-200605-09", "refsource": "GENTOO", "tags": [], "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" }, { "name": "19696", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/19696" }, { "name": "19729", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/19729" }, { "name": "19780", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/19780" }, { "name": "20051", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/20051" }, { "name": "MDKSA-2006:075", "refsource": "MANDRIVA", "tags": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "name": "MDKSA-2006:076", "refsource": "MANDRIVA", "tags": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "name": "MDKSA-2006:078", "refsource": "MANDRIVA", "tags": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078" }, { "name": "228526", "refsource": "SUNALERT", "tags": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "name": "ADV-2006-1356", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2006/1356" }, { "name": "SUSE-SA:2006:022", "refsource": "SUSE", "tags": [], "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" }, { "name": "mozilla-javascript-regexpr-memory-corruption(25808)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25808" }, { "name": "oval:org.mitre.oval:def:1829", "refsource": "OVAL", "tags": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1829" }, { "name": "oval:org.mitre.oval:def:10817", "refsource": "OVAL", "tags": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10817" }, { "name": "USN-276-1", "refsource": "UBUNTU", "tags": [], "url": "https://usn.ubuntu.com/276-1/" }, { "name": "USN-275-1", "refsource": "UBUNTU", "tags": [], "url": "https://usn.ubuntu.com/275-1/" }, { "name": "USN-271-1", "refsource": "UBUNTU", "tags": [], "url": "https://usn.ubuntu.com/271-1/" }, { "name": "HPSBUX02122", "refsource": "HP", "tags": [], "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "name": "FLSA:189137-2", "refsource": "FEDORA", "tags": [], "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "name": "FLSA:189137-1", "refsource": "FEDORA", "tags": [], "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "name": "SSRT061145", "refsource": "HP", "tags": [], "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false } }, "lastModifiedDate": "2018-10-18T16:35Z", "publishedDate": "2006-04-14T18:02Z" } } }
ghsa-rxwh-g7jh-p598
Vulnerability from github
Published
2022-05-03 03:15
Modified
2022-05-03 03:15
Details
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression.
{ "affected": [], "aliases": [ "CVE-2006-1737" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2006-04-14T18:02:00Z", "severity": "HIGH" }, "details": "Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression.", "id": "GHSA-rxwh-g7jh-p598", "modified": "2022-05-03T03:15:47Z", "published": "2022-05-03T03:15:47Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1737" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25808" }, { "type": "WEB", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10817" }, { "type": "WEB", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1829" }, { "type": "WEB", "url": "https://usn.ubuntu.com/271-1" }, { "type": "WEB", "url": "https://usn.ubuntu.com/275-1" }, { "type": "WEB", "url": "https://usn.ubuntu.com/276-1" }, { "type": "WEB", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" }, { "type": "WEB", "url": "http://secunia.com/advisories/19631" }, { "type": "WEB", "url": "http://secunia.com/advisories/19696" }, { "type": "WEB", "url": "http://secunia.com/advisories/19714" }, { "type": "WEB", "url": "http://secunia.com/advisories/19721" }, { "type": "WEB", "url": "http://secunia.com/advisories/19729" }, { "type": "WEB", "url": "http://secunia.com/advisories/19746" }, { "type": "WEB", "url": "http://secunia.com/advisories/19759" }, { "type": "WEB", "url": "http://secunia.com/advisories/19780" }, { "type": "WEB", "url": "http://secunia.com/advisories/19794" }, { "type": "WEB", "url": "http://secunia.com/advisories/19811" }, { "type": "WEB", "url": "http://secunia.com/advisories/19821" }, { "type": "WEB", "url": "http://secunia.com/advisories/19823" }, { "type": "WEB", "url": "http://secunia.com/advisories/19852" }, { "type": "WEB", "url": "http://secunia.com/advisories/19862" }, { "type": "WEB", "url": "http://secunia.com/advisories/19863" }, { "type": "WEB", "url": "http://secunia.com/advisories/19902" }, { "type": "WEB", "url": "http://secunia.com/advisories/19941" }, { "type": "WEB", "url": "http://secunia.com/advisories/19950" }, { "type": "WEB", "url": "http://secunia.com/advisories/20051" }, { "type": "WEB", "url": "http://secunia.com/advisories/21033" }, { "type": "WEB", "url": "http://secunia.com/advisories/21622" }, { "type": "WEB", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" }, { "type": "WEB", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" }, { "type": "WEB", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" }, { "type": "WEB", "url": "http://www.debian.org/security/2006/dsa-1044" }, { "type": "WEB", "url": "http://www.debian.org/security/2006/dsa-1046" }, { "type": "WEB", "url": "http://www.debian.org/security/2006/dsa-1051" }, { "type": "WEB", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" }, { "type": "WEB", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" }, { "type": "WEB", "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" }, { "type": "WEB", "url": "http://www.kb.cert.org/vuls/id/329500" }, { "type": "WEB", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" }, { "type": "WEB", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" }, { "type": "WEB", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078" }, { "type": "WEB", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-11.html" }, { "type": "WEB", "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" }, { "type": "WEB", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" }, { "type": "WEB", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" }, { "type": "WEB", "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" }, { "type": "WEB", "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" }, { "type": "WEB", "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/17516" }, { "type": "WEB", "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2006/1356" } ], "schema_version": "1.4.0", "severity": [] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.