CVE-2006-6498
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
98.1%
Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, SeaMonkey before 1.0.7, and Mozilla 1.7 and probably earlier on Solaris, allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown impact and attack vectors.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | firefox | 1.5 | cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:* |
| mozilla | firefox | 1.5.0.1 | cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:* |
| mozilla | firefox | 1.5.0.2 | cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:* |
| mozilla | firefox | 1.5.0.3 | cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:* |
| mozilla | firefox | 1.5.0.4 | cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:* |
| mozilla | firefox | 1.5.0.5 | cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:* |
| mozilla | firefox | 1.5.0.6 | cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:* |
| mozilla | firefox | 1.5.0.7 | cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:* |
| mozilla | firefox | 1.5.0.8 | cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:* |
| mozilla | firefox | 2.0 | cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:* |
References
ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc
fedoranews.org/cms/node/2297
fedoranews.org/cms/node/2338
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
rhn.redhat.com/errata/RHSA-2006-0758.html
rhn.redhat.com/errata/RHSA-2006-0759.html
rhn.redhat.com/errata/RHSA-2006-0760.html
secunia.com/advisories/23282
secunia.com/advisories/23420
secunia.com/advisories/23422
secunia.com/advisories/23433
secunia.com/advisories/23439
secunia.com/advisories/23440
secunia.com/advisories/23468
secunia.com/advisories/23514
secunia.com/advisories/23545
secunia.com/advisories/23589
secunia.com/advisories/23591
secunia.com/advisories/23601
secunia.com/advisories/23614
secunia.com/advisories/23618
secunia.com/advisories/23672
secunia.com/advisories/23692
secunia.com/advisories/23988
secunia.com/advisories/24078
secunia.com/advisories/24390
secunia.com/advisories/25556
security.gentoo.org/glsa/glsa-200701-02.xml
securitytracker.com/id?1017398
securitytracker.com/id?1017405
securitytracker.com/id?1017406
sunsolve.sun.com/search/document.do?assetkey=1-26-102955-1
www.debian.org/security/2007/dsa-1253
www.debian.org/security/2007/dsa-1258
www.debian.org/security/2007/dsa-1265
www.gentoo.org/security/en/glsa/glsa-200701-04.xml
www.kb.cert.org/vuls/id/427972
www.kb.cert.org/vuls/id/447772
www.mozilla.org/security/announce/2006/mfsa2006-68.html
www.novell.com/linux/security/advisories/2006_80_mozilla.html
www.novell.com/linux/security/advisories/2007_06_mozilla.html
www.securityfocus.com/archive/1/455145/100/0/threaded
www.securityfocus.com/archive/1/455728/100/200/threaded
www.securityfocus.com/bid/21668
www.ubuntu.com/usn/usn-398-1
www.ubuntu.com/usn/usn-398-2
www.ubuntu.com/usn/usn-400-1
www.us-cert.gov/cas/techalerts/TA06-354A.html
www.vupen.com/english/advisories/2006/5068
www.vupen.com/english/advisories/2007/2106
www.vupen.com/english/advisories/2008/0083
issues.rpath.com/browse/RPL-883
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10661
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
98.1%