Lucene search

[email protected]CVE-2006-4565

HistorySep 15, 2006 - 6:07 p.m.

CVE-2006-4565

2006-09-1518:07:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2006-4565

mozilla firefox

buffer overflow

denial of service

remote attackers

arbitrary code

nvd

7.7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.28 Low

EPSS

Percentile

96.8%

JSON

Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a JavaScript regular expression with a “minimal quantifier.”

CPENameOperatorVersion
mozilla:seamonkeymozilla seamonkeyle1.0.4
mozilla:firefoxmozilla firefoxle1.5.0.6
mozilla:thunderbirdmozilla thunderbirdle1.5.0.6

CPE	Name	Operator	Version
mozilla:seamonkey	mozilla seamonkey	le	1.0.4
mozilla:firefox	mozilla firefox	le	1.5.0.6
mozilla:thunderbird	mozilla thunderbird	le	1.5.0.6

References

ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc

secunia.com/advisories/21906

secunia.com/advisories/21915

secunia.com/advisories/21916

secunia.com/advisories/21939

secunia.com/advisories/21940

secunia.com/advisories/21949

secunia.com/advisories/21950

secunia.com/advisories/22001

secunia.com/advisories/22025

secunia.com/advisories/22036

secunia.com/advisories/22055

secunia.com/advisories/22056

secunia.com/advisories/22066

secunia.com/advisories/22074

secunia.com/advisories/22088

secunia.com/advisories/22195

secunia.com/advisories/22210

secunia.com/advisories/22247

secunia.com/advisories/22274

secunia.com/advisories/22299

secunia.com/advisories/22342

secunia.com/advisories/22391

secunia.com/advisories/22422

secunia.com/advisories/22849

secunia.com/advisories/24711

security.gentoo.org/glsa/glsa-200609-19.xml

security.gentoo.org/glsa/glsa-200610-01.xml

security.gentoo.org/glsa/glsa-200610-04.xml

securitytracker.com/id?1016846

securitytracker.com/id?1016847

securitytracker.com/id?1016848

support.avaya.com/elmodocs2/security/ASA-2006-224.htm

www.debian.org/security/2006/dsa-1192

www.debian.org/security/2006/dsa-1210

www.mandriva.com/security/advisories?name=MDKSA-2006:168

www.mandriva.com/security/advisories?name=MDKSA-2006:169

www.mozilla.org/security/announce/2006/mfsa2006-57.html

www.novell.com/linux/security/advisories/2006_54_mozilla.html

www.redhat.com/support/errata/RHSA-2006-0675.html

www.redhat.com/support/errata/RHSA-2006-0676.html

www.redhat.com/support/errata/RHSA-2006-0677.html

www.securityfocus.com/archive/1/446140/100/0/threaded

www.securityfocus.com/bid/20042

www.ubuntu.com/usn/usn-350-1

www.ubuntu.com/usn/usn-351-1

www.ubuntu.com/usn/usn-352-1

www.ubuntu.com/usn/usn-354-1

www.ubuntu.com/usn/usn-361-1

www.us.debian.org/security/2006/dsa-1191

www.vupen.com/english/advisories/2006/3617

www.vupen.com/english/advisories/2006/3748

www.vupen.com/english/advisories/2007/1198

www.vupen.com/english/advisories/2008/0083

www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742

exchange.xforce.ibmcloud.com/vulnerabilities/28955

issues.rpath.com/browse/RPL-640

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11421

7.7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.28 Low

EPSS

Percentile

96.8%

JSON

Related for CVE-2006-4565

ubuntucve1 veracode1 debiancve1 mozilla1 osv3 openvas18 debian3 nessus31 gentoo3 oraclelinux3 centos4 redhat3 ubuntu4 freebsd1 suse1 cert2