Lucene search

RedhatCVE-2006-6502

HistoryDec 20, 2006 - 1:28 a.m.

CVE-2006-6502

2006-12-2001:28:00

redhat

web.nvd.nist.gov

cve-2006-6502

use-after-free vulnerability

mozilla firefox

denial of service

nvd

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

AI Score

6.4

Confidence

Low

EPSS

0.539

Percentile

97.6%

JSON

Use-after-free vulnerability in the LiveConnect bridge code for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) via unknown vectors.

Affected configurations

Nvd

Node

mozillafirefoxMatch1.5

mozillafirefoxMatch1.5beta1

mozillafirefoxMatch1.5beta2

mozillafirefoxMatch1.5.0.1

mozillafirefoxMatch1.5.0.2

mozillafirefoxMatch1.5.0.3

mozillafirefoxMatch1.5.0.4

mozillafirefoxMatch1.5.0.5

mozillafirefoxMatch1.5.0.6

mozillafirefoxMatch1.5.0.7

mozillafirefoxMatch1.5.0.8

mozillafirefoxMatch2.0

mozillafirefoxMatch2.0beta_1

mozillaseamonkeyMatch1.0

mozillaseamonkeyMatch1.0alpha

mozillaseamonkeyMatch1.0dev

mozillaseamonkeyMatch1.0beta

mozillaseamonkeyMatch1.0.1

mozillaseamonkeyMatch1.0.2

mozillaseamonkeyMatch1.0.3

mozillaseamonkeyMatch1.0.4

mozillaseamonkeyMatch1.0.5

mozillaseamonkeyMatch1.0.6

mozillathunderbirdMatch0.1

mozillathunderbirdMatch0.2

mozillathunderbirdMatch0.3

mozillathunderbirdMatch0.4

mozillathunderbirdMatch0.5

mozillathunderbirdMatch0.6

mozillathunderbirdMatch0.7

mozillathunderbirdMatch0.7.1

mozillathunderbirdMatch0.7.2

mozillathunderbirdMatch0.7.3

mozillathunderbirdMatch0.8

mozillathunderbirdMatch0.9

mozillathunderbirdMatch1.0

mozillathunderbirdMatch1.0.1

mozillathunderbirdMatch1.0.2

mozillathunderbirdMatch1.0.3

mozillathunderbirdMatch1.0.4

mozillathunderbirdMatch1.0.5

mozillathunderbirdMatch1.0.5beta

mozillathunderbirdMatch1.0.6

mozillathunderbirdMatch1.0.7

mozillathunderbirdMatch1.0.8

mozillathunderbirdMatch1.5

mozillathunderbirdMatch1.5beta2

mozillathunderbirdMatch1.5.0.1

mozillathunderbirdMatch1.5.0.2

mozillathunderbirdMatch1.5.0.3

mozillathunderbirdMatch1.5.0.4

mozillathunderbirdMatch1.5.0.6

mozillathunderbirdMatch1.5.0.7

mozillathunderbirdMatch1.5.0.8

VendorProductVersionCPE
mozillafirefox1.5cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
mozillafirefox1.5cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
mozillafirefox1.5cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
mozillafirefox1.5.0.1cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
mozillafirefox1.5.0.2cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
mozillafirefox1.5.0.3cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
mozillafirefox1.5.0.4cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
mozillafirefox1.5.0.5cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*
mozillafirefox1.5.0.6cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*
mozillafirefox1.5.0.7cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox	1.5	cpe:2.3:a:mozilla:firefox:1.5:::::::*
mozilla	firefox	1.5	cpe:2.3:a:mozilla:firefox:1.5:beta1::::::
mozilla	firefox	1.5	cpe:2.3:a:mozilla:firefox:1.5:beta2::::::
mozilla	firefox	1.5.0.1	cpe:2.3:a:mozilla:firefox:1.5.0.1:::::::*
mozilla	firefox	1.5.0.2	cpe:2.3:a:mozilla:firefox:1.5.0.2:::::::*
mozilla	firefox	1.5.0.3	cpe:2.3:a:mozilla:firefox:1.5.0.3:::::::*
mozilla	firefox	1.5.0.4	cpe:2.3:a:mozilla:firefox:1.5.0.4:::::::*
mozilla	firefox	1.5.0.5	cpe:2.3:a:mozilla:firefox:1.5.0.5:::::::*
mozilla	firefox	1.5.0.6	cpe:2.3:a:mozilla:firefox:1.5.0.6:::::::*
mozilla	firefox	1.5.0.7	cpe:2.3:a:mozilla:firefox:1.5.0.7:::::::*

Rows per page:

1-10 of 541

References

ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc

fedoranews.org/cms/node/2297

fedoranews.org/cms/node/2338

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

rhn.redhat.com/errata/RHSA-2006-0758.html

rhn.redhat.com/errata/RHSA-2006-0759.html

rhn.redhat.com/errata/RHSA-2006-0760.html

secunia.com/advisories/23282

secunia.com/advisories/23420

secunia.com/advisories/23422

secunia.com/advisories/23433

secunia.com/advisories/23439

secunia.com/advisories/23440

secunia.com/advisories/23468

secunia.com/advisories/23514

secunia.com/advisories/23545

secunia.com/advisories/23589

secunia.com/advisories/23591

secunia.com/advisories/23598

secunia.com/advisories/23601

secunia.com/advisories/23614

secunia.com/advisories/23618

secunia.com/advisories/23672

secunia.com/advisories/23692

secunia.com/advisories/23988

secunia.com/advisories/24078

secunia.com/advisories/24390

security.gentoo.org/glsa/glsa-200701-02.xml

securitytracker.com/id?1017411

securitytracker.com/id?1017412

securitytracker.com/id?1017413

www.debian.org/security/2007/dsa-1253

www.debian.org/security/2007/dsa-1258

www.debian.org/security/2007/dsa-1265

www.gentoo.org/security/en/glsa/glsa-200701-03.xml

www.gentoo.org/security/en/glsa/glsa-200701-04.xml

www.kb.cert.org/vuls/id/428500

www.mandriva.com/security/advisories?name=MDKSA-2007:010

www.mandriva.com/security/advisories?name=MDKSA-2007:011

www.mozilla.org/security/announce/2006/mfsa2006-71.html

www.novell.com/linux/security/advisories/2006_80_mozilla.html

www.novell.com/linux/security/advisories/2007_06_mozilla.html

www.securityfocus.com/archive/1/455145/100/0/threaded

www.securityfocus.com/archive/1/455728/100/200/threaded

www.securityfocus.com/bid/21668

www.ubuntu.com/usn/usn-398-1

www.ubuntu.com/usn/usn-398-2

www.ubuntu.com/usn/usn-400-1

www.us-cert.gov/cas/techalerts/TA06-354A.html

www.vupen.com/english/advisories/2006/5068

www.vupen.com/english/advisories/2008/0083

issues.rpath.com/browse/RPL-883

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9626

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

AI Score

6.4

Confidence

Low

EPSS

0.539

Percentile

97.6%

JSON

Related for CVE-2006-6502