10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.967 High
EPSS
Percentile
99.6%
The Mozilla Foundation reports of multiple security issues
in Firefox, Seamonkey, and Thunderbird. Several of these
issues can probably be used to run arbitrary code with the
privilege of the user running the program.
MFSA 2006-64 Crashes with evidence of memory
corruption (rv:1.8.0.7)
MFSA 2006-63 JavaScript execution in mail via XBL
MFSA 2006-62 Popup-blocker cross-site scripting (XSS)
MFSA 2006-61 Frame spoofing using document.open()
MFSA 2006-60 RSA Signature Forgery
MFSA 2006-59 Concurrency-related vulnerability
MFSA 2006-58 Auto-Update compromise through DNS and
SSL spoofing
MFSA 2006-57 JavaScript Regular Expression Heap
Corruption
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | firefox | < 1.5.0.7,1 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox | < 1.5.0.7 | UNKNOWN |
FreeBSD | any | noarch | seamonkey | < 1.0.5 | UNKNOWN |
FreeBSD | any | noarch | linux-seamonkey | < 1.0.5 | UNKNOWN |
FreeBSD | any | noarch | thunderbird | < 1.5.0.7 | UNKNOWN |
FreeBSD | any | noarch | linux-thunderbird | < 1.5.0.7 | UNKNOWN |
FreeBSD | any | noarch | mozilla-thunderbird | < 1.5.0.7 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox-devel | < 3.0.a2006.09.21 | UNKNOWN |
FreeBSD | any | noarch | linux-seamonkey-devel | < 1.5.a2006.09.21 | UNKNOWN |
www.mozilla.org/security/announce/2006/mfsa2006-57.html
www.mozilla.org/security/announce/2006/mfsa2006-58.html
www.mozilla.org/security/announce/2006/mfsa2006-59.html
www.mozilla.org/security/announce/2006/mfsa2006-60.html
www.mozilla.org/security/announce/2006/mfsa2006-61.html
www.mozilla.org/security/announce/2006/mfsa2006-62.html
www.mozilla.org/security/announce/2006/mfsa2006-63.html
www.mozilla.org/security/announce/2006/mfsa2006-64.html