Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-1210
HistoryNov 14, 2006 - 12:00 a.m.

mozilla-firefox

2006-11-1400:00:00
Google
osv.dev
11

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

Several security related problems have been discovered in Mozilla and
derived products such as Mozilla Firefox. The Common
Vulnerabilities and Exposures project identifies the following
vulnerabilities:

  • CVE-2006-2788
    Fernando Ribeiro discovered that a vulnerability in the getRawDER
    function allows remote attackers to cause a denial of service
    (hang) and possibly execute arbitrary code.
  • CVE-2006-4340
    Daniel Bleichenbacher recently described an implementation error
    in RSA signature verification that cause the application to
    incorrectly trust SSL certificates.
  • CVE-2006-4565, CVE-2006-4566
    Priit Laes reported that a JavaScript regular expression can
    trigger a heap-based buffer overflow which allows remote attackers
    to cause a denial of service and possibly execute arbitrary code.
  • CVE-2006-4568
    A vulnerability has been discovered that allows remote attackers
    to bypass the security model and inject content into the sub-frame
    of another site.
  • CVE-2006-4571
    Multiple unspecified vulnerabilities in Firefox, Thunderbird and
    SeaMonkey allow remote attackers to cause a denial of service,
    corrupt memory, and possibly execute arbitrary code.

For the stable distribution (sarge) these problems have been fixed in
version 1.0.4-2sarge12.

For the unstable distribution (sid) these problems have been fixed in
version 1.5.dfsg+1.5.0.7-1 of firefox.

We recommend that you upgrade your Mozilla Firefox packages.

Related

nessus 52
debian 3
openvas 24
osv 3
oraclelinux 5
centos 8
redhat 8
ubuntu 6
gentoo 4
suse 2
freebsd 1
mozilla 4
cert 2
ubuntucve 8
veracode 5
debiancve 8
cve 10
prion 3
checkpoint_advisories 1
nessus
nessus
Debian DSA-1210-1 : mozilla-firefox - several vulnerabilities
2006-11-20 00:00:00
Debian DSA-1191-1 : mozilla-thunderbird - several vulnerabilities
2006-10-14 00:00:00
Debian DSA-1192-1 : mozilla - several vulnerabilities
2006-10-14 00:00:00
debian
debian
[SECURITY] [DSA 1210-1] New Mozilla Firefox packages fix several vulnerabilities
2006-11-14 08:02:35
[SECURITY] [DSA 1191-1] New Mozilla Thunderbird packages fix several vulnerabilities
2006-10-05 10:14:30
[SECURITY] [DSA 1192-1] New Mozilla packages fix several vulnerabilities
2006-10-06 12:11:15
openvas
openvas
Debian: Security Advisory (DSA-1210)
2008-01-17 00:00:00
Debian Security Advisory DSA 1210-1 (mozilla-firefox)
2008-01-17 00:00:00
Debian Security Advisory DSA 1192-1 (mozilla)
2008-01-17 00:00:00
osv
osv
mozilla-thunderbird
2006-10-05 00:00:00
mozilla
2006-10-06 00:00:00
CVE-2018-16150
2018-11-07 20:29:00
oraclelinux
oraclelinux
Critical seamonkey security update
2006-12-07 00:00:00
Critical firefox security update
2006-12-07 00:00:00
Critical thunderbird security update
2006-12-07 00:00:00
centos
centos
devhelp, seamonkey security update
2006-09-15 14:57:11
seamonkey security update
2006-09-17 23:20:54
firefox security update
2006-09-15 14:57:18
redhat
redhat
(RHSA-2006:0676) seamonkey security update
2006-09-15 00:00:00
(RHSA-2006:0675) firefox security update
2006-09-15 00:00:00
(RHSA-2006:0677) thunderbird security update
2006-09-15 00:00:00
ubuntu
ubuntu
firefox vulnerabilities
2006-09-23 00:00:00
Thunderbird vulnerabilities
2006-09-25 00:00:00
Mozilla vulnerabilities
2006-10-10 00:00:00
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2006-09-28 00:00:00
Seamonkey: Multiple vulnerabilities
2006-10-16 00:00:00
Mozilla Thunderbird: Multiple vulnerabilities
2006-10-04 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey
2006-09-22 13:02:47
RSA signature evasion in openssl,mozilla-nss
2006-09-22 15:25:59
freebsd
freebsd
mozilla -- multiple vulnerabilities
2006-09-14 00:00:00
mozilla
mozilla
JavaScript Regular Expression Heap Corruption — Mozilla
2006-09-14 00:00:00
Crashes with evidence of memory corruption (rv:1.8.0.7) — Mozilla
2006-09-14 00:00:00
Frame spoofing using document.open() — Mozilla
2006-09-14 00:00:00
cert
cert
OpenSSL SSL_get_shared_ciphers() vulnerable to buffer overflow
2006-09-28 00:00:00
OpenSSL SSLv2 client code fails to properly check for NULL
2006-09-28 00:00:00
ubuntucve
ubuntucve
CVE-2006-4571
2006-09-15 00:00:00
CVE-2006-4568
2006-09-15 00:00:00
CVE-2006-2788
2006-06-02 00:00:00
veracode
veracode
Spoofable SSL Certificate
2020-04-10 00:13:11
Remote Code Execution (RCE)
2020-04-10 00:13:14
Content-Spoofing
2020-04-10 00:13:13
debiancve
debiancve
CVE-2006-4571
2006-09-15 19:07:00
CVE-2006-4568
2006-09-15 19:07:00
CVE-2006-4566
2006-09-15 18:07:00
cve
cve
CVE-2006-4571
2006-09-15 19:07:00
CVE-2006-4568
2006-09-15 19:07:00
CVE-2006-4566
2006-09-15 18:07:00
prion
prion
Double free
2006-06-02 21:06:00
Code injection
2018-11-07 20:29:00
Code injection
2007-06-06 21:30:00
checkpoint_advisories
checkpoint_advisories
Mozilla Products Regular Expressions Heap Corruption (CVE-2006-4566)
2009-10-15 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for OSV:DSA-1210
nessus52debian3openvas24osv3oraclelinux5centos8redhat8ubuntu6gentoo4suse2freebsd1mozilla4cert2ubuntucve8veracode5debiancve8cve10prion3checkpoint_advisories1