Lucene search

[email protected]CVE-2006-2781

HistoryJun 02, 2006 - 7:02 p.m.

CVE-2006-2781

2006-06-0219:02:00

CWE-119

[email protected]

web.nvd.nist.gov

cve

2006

2781

nsvcard.cpp

mozilla thunderbird

seamonkey

denial of service

hang

arbitrary code

vcard

invalid base64 characters

vulnerability

7.3 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.317 Low

EPSS

Percentile

96.9%

JSON

Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters.

CPENameOperatorVersion
mozilla:seamonkeymozilla seamonkeyle1.0.1
mozilla:thunderbirdmozilla thunderbirdle1.5.0.3

CPE	Name	Operator	Version
mozilla:seamonkey	mozilla seamonkey	le	1.0.1
mozilla:thunderbird	mozilla thunderbird	le	1.5.0.3

References

rhn.redhat.com/errata/RHSA-2006-0609.html

secunia.com/advisories/20382

secunia.com/advisories/20394

secunia.com/advisories/20709

secunia.com/advisories/21134

secunia.com/advisories/21178

secunia.com/advisories/21183

secunia.com/advisories/21210

secunia.com/advisories/21269

secunia.com/advisories/21324

secunia.com/advisories/21336

secunia.com/advisories/21607

secunia.com/advisories/21631

secunia.com/advisories/22065

securitytracker.com/id?1016214

www.debian.org/security/2006/dsa-1118

www.debian.org/security/2006/dsa-1134

www.gentoo.org/security/en/glsa/glsa-200606-21.xml

www.mandriva.com/security/advisories?name=MDKSA-2006:146

www.mozilla.org/security/announce/2006/mfsa2006-40.html

www.novell.com/linux/security/advisories/2006_35_mozilla.html

www.redhat.com/support/errata/RHSA-2006-0578.html

www.redhat.com/support/errata/RHSA-2006-0594.html

www.redhat.com/support/errata/RHSA-2006-0611.html

www.securityfocus.com/archive/1/435795/100/0/threaded

www.securityfocus.com/archive/1/446657/100/200/threaded

www.securityfocus.com/bid/18228

www.vupen.com/english/advisories/2006/2106

www.vupen.com/english/advisories/2006/3749

exchange.xforce.ibmcloud.com/vulnerabilities/26850

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10247

usn.ubuntu.com/297-1/

usn.ubuntu.com/297-3/

usn.ubuntu.com/323-1/

7.3 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.317 Low

EPSS

Percentile

96.9%

JSON

Related for CVE-2006-2781

nessus18 mozilla1 prion1 ubuntucve1 debiancve1 gentoo1 openvas6 ubuntu3 securityvulns2 redhat4 suse1 osv2 debian2 centos3 oraclelinux1