fkie_cve-2006-4253
Vulnerability from fkie_nvd
Published
2006-08-21 20:04
Modified
2025-04-03 01:03
Severity ?
Summary
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads to a concurrency failure that causes structures to be freed incorrectly, as demonstrated by (1) ffoxdie and (2) ffoxdie3. NOTE: it has been reported that Netscape 8.1 and K-Meleon 1.0.1 are also affected by ffoxdie. Mozilla confirmed to CVE that ffoxdie and ffoxdie3 trigger the same underlying vulnerability. NOTE: it was later reported that Firefox 2.0 RC2 and 1.5.0.7 are also affected.
References
cve@mitre.orgftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc
cve@mitre.orghttp://lcamtuf.coredump.cx/ffoxdie.html
cve@mitre.orghttp://lcamtuf.coredump.cx/ffoxdie3.html
cve@mitre.orghttp://secunia.com/advisories/21513Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/21906Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/21915Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/21916Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/21939Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/21940Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/21949Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/21950Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/22001Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/22025Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/22036Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/22055Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/22056
cve@mitre.orghttp://secunia.com/advisories/22066
cve@mitre.orghttp://secunia.com/advisories/22074Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/22088Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/22195
cve@mitre.orghttp://secunia.com/advisories/22210Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/22274Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/22391Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/22422Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/24711
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200609-19.xml
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200610-01.xml
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200610-04.xml
cve@mitre.orghttp://securitytracker.com/id?1016846
cve@mitre.orghttp://securitytracker.com/id?1016847
cve@mitre.orghttp://securitytracker.com/id?1016848
cve@mitre.orghttp://support.avaya.com/elmodocs2/security/ASA-2006-224.htm
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:168
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:169
cve@mitre.orghttp://www.mozilla.org/security/announce/2006/mfsa2006-59.html
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2006_54_mozilla.html
cve@mitre.orghttp://www.pianetapc.it/view.php?id=770URL Repurposed
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2006-0675.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2006-0676.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2006-0677.html
cve@mitre.orghttp://www.securiteam.com/securitynews/5VP0M0AJFW.html
cve@mitre.orghttp://www.securityfocus.com/archive/1/443020/100/100/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/443306/100/100/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/443500/100/100/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/443528/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/446140/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/447837/100/200/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/447840/100/200/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/448956/100/100/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/448984/100/100/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/449245/100/100/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/449487/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/449726/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/19488
cve@mitre.orghttp://www.securityfocus.com/bid/19534
cve@mitre.orghttp://www.ubuntu.com/usn/usn-350-1
cve@mitre.orghttp://www.ubuntu.com/usn/usn-351-1
cve@mitre.orghttp://www.ubuntu.com/usn/usn-352-1
cve@mitre.orghttp://www.ubuntu.com/usn/usn-354-1
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/3617
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/3748
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/1198
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/0083
cve@mitre.orghttp://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742
cve@mitre.orghttps://bugzilla.mozilla.org/show_bug.cgi?id=348514
cve@mitre.orghttps://issues.rpath.com/browse/RPL-640
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9528
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc
af854a3a-2127-422b-91ae-364da2661108http://lcamtuf.coredump.cx/ffoxdie.html
af854a3a-2127-422b-91ae-364da2661108http://lcamtuf.coredump.cx/ffoxdie3.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21513Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21906Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21915Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21916Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21939Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21940Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21949Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21950Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22001Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22025Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22036Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22055Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22056
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22066
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22074Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22088Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22195
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22210Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22274Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22391Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22422Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24711
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200609-19.xml
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200610-01.xml
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200610-04.xml
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1016846
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1016847
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1016848
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:168
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:169
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2006/mfsa2006-59.html
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2006_54_mozilla.html
af854a3a-2127-422b-91ae-364da2661108http://www.pianetapc.it/view.php?id=770URL Repurposed
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0675.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0676.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0677.html
af854a3a-2127-422b-91ae-364da2661108http://www.securiteam.com/securitynews/5VP0M0AJFW.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/443020/100/100/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/443306/100/100/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/443500/100/100/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/443528/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/446140/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/447837/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/447840/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/448956/100/100/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/448984/100/100/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/449245/100/100/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/449487/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/449726/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/19488
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/19534
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-350-1
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-351-1
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-352-1
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-354-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/3617
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/3748
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/1198
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0083
af854a3a-2127-422b-91ae-364da2661108http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=348514
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-640
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9528
Impacted products
Vendor Product Version
k-meleon_project k-meleon 1.0.1
mozilla firefox 0.8
mozilla firefox 0.9
mozilla firefox 0.9
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla firefox 0.9.3
mozilla firefox 0.10
mozilla firefox 0.10.1
mozilla firefox 1.0
mozilla firefox 1.0.1
mozilla firefox 1.0.2
mozilla firefox 1.0.3
mozilla firefox 1.0.4
mozilla firefox 1.0.5
mozilla firefox 1.0.6
mozilla firefox 1.0.7
mozilla firefox 1.0.8
mozilla firefox 1.5
mozilla firefox 1.5
mozilla firefox 1.5
mozilla firefox 1.5.0.1
mozilla firefox 1.5.0.2
mozilla firefox 1.5.0.3
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.5
mozilla firefox 1.5.0.6
netscape navigator 8.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:k-meleon_project:k-meleon:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1EAAD01-C770-446C-916F-66782953AF02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "93C142C5-3A85-432B-80D6-2E7B1B4694F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "2434FCE7-A50B-4527-9970-C7224B31141C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*",
              "matchCriteriaId": "5633FB6E-D623-49D4-9858-4E20E64DE458",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "429ECA02-DBCD-45FB-942C-CA4BC1BC8A72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5F0DC80-5473-465C-9D7F-9589F1B78E12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "567FF916-7DE0-403C-8528-7931A43E0D18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "010B34F4-910E-4515-990B-8E72DF009578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FAA1A89-E8D9-46D0-8E2C-9259920ACBFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B500EE6C-99DB-49A3-A1F1-AFFD7FE28068",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F2938F2-A801-45E5-8E06-BE03DE03C8A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D6BF5B1-86D1-47FE-9D9C-735718F94874",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "84D15CE0-69DF-4EFD-801E-96A4D6AABEDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEE203DE-6C0E-4FDE-9C3A-0E73430F17DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2F38886-C25A-4C6B-93E7-36461405BA99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C65D2670-F37F-48CB-804A-D35BB1C27D9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8E5194-7B34-4802-BDA6-6A86EB5EDE05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netscape:navigator:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D673003C-0491-4C94-8907-5E36BB5EB9AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads to a concurrency failure that causes structures to be freed incorrectly, as demonstrated by (1) ffoxdie and (2) ffoxdie3.  NOTE: it has been reported that Netscape 8.1 and K-Meleon 1.0.1 are also affected by ffoxdie.  Mozilla confirmed to CVE that ffoxdie and ffoxdie3 trigger the same underlying vulnerability.  NOTE: it was later reported that Firefox 2.0 RC2 and 1.5.0.7 are also affected."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de concurrencia en Mozilla Firefox 1.5.0.6 y anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante m\u00faltiples eventos Javascript temporizados que cargan un archivo XML profundamente anidado, seguido por una redirecci\u00f3n del navegador hacia ora p\u00e1gina, lo cual lleva a un fallo de concurencia que provoca que se liberen estructuras incorrectamente, como ha sido demostrado por (1) ffoxdie y (2) ffoxdie3. NOTA: se ha reportado que Netscape 8.1 y K-Meleaon 1.0.1 tambi\u00e9n se han visto afectados por ffoxdie. Mozilla confirm\u00f3 a CVE que ffoxdie y ffoxdie3 disparan la misma vulnerabilidad subyacente. NOTA: se ha reportado posteriormente que Firefox 2.0 RC2 y 1.5.0.7 tambi\u00e9n est\u00e1n afectados."
    }
  ],
  "id": "CVE-2006-4253",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.6,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-08-21T20:04:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lcamtuf.coredump.cx/ffoxdie.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lcamtuf.coredump.cx/ffoxdie3.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21513"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21906"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21915"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21916"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21939"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21940"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21949"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21950"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22001"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22025"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22036"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22055"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/22056"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/22066"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22074"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22088"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/22195"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22210"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22274"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22391"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22422"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/24711"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200609-19.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200610-01.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200610-04.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016846"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016847"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016848"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:168"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:169"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-59.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2006_54_mozilla.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://www.pianetapc.it/view.php?id=770"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0675.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0676.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0677.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securiteam.com/securitynews/5VP0M0AJFW.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/443020/100/100/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/443306/100/100/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/443500/100/100/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/443528/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/446140/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/447837/100/200/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/447840/100/200/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/448956/100/100/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/448984/100/100/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/449245/100/100/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/449487/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/449726/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/19488"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/19534"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-350-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-351-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-352-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-354-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/3617"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/3748"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/1198"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0083"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=348514"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://issues.rpath.com/browse/RPL-640"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9528"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lcamtuf.coredump.cx/ffoxdie.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lcamtuf.coredump.cx/ffoxdie3.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21513"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21906"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21915"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21916"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21939"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21949"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22001"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22025"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22036"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22055"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22056"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22074"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22088"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22195"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22210"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22274"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22391"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22422"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24711"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200609-19.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200610-01.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200610-04.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016846"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016847"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016848"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:168"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:169"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-59.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2006_54_mozilla.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://www.pianetapc.it/view.php?id=770"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0675.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0676.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0677.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securiteam.com/securitynews/5VP0M0AJFW.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/443020/100/100/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/443306/100/100/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/443500/100/100/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/443528/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446140/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/447837/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/447840/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/448956/100/100/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/448984/100/100/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/449245/100/100/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/449487/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/449726/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/19488"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/19534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-350-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-351-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-352-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-354-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/3617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/3748"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1198"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=348514"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-640"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9528"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.