Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-1258-1
HistoryFeb 07, 2007 - 12:00 a.m.

mozilla-thunderbird

2007-02-0700:00:00
Google
osv.dev
8

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.423 Medium

EPSS

Percentile

96.8%

JSON

Several security related problems have been discovered in Mozilla and
derived products such as Mozilla Firefox. The Common Vulnerabilities
and Exposures project identifies the following vulnerabilities:

  • CVE-2006-6497
    Several vulnerabilities in the layout engine allow remote
    attackers to cause a denial of service and possibly permit them to
    execute arbitrary code. [MFSA 2006-68]
  • CVE-2006-6498
    Several vulnerabilities in the JavaScript engine allow remote
    attackers to cause a denial of service and possibly permit them to
    execute arbitrary code. [MFSA 2006-68]
  • CVE-2006-6499
    A bug in the js_dtoa function allows remote attackers to cause a
    denial of service. [MFSA 2006-68]
  • CVE-2006-6501
    “shutdown” discovered a vulnerability that allows remote attackers
    to gain privileges and install malicious code via the watch
    JavaScript function. [MFSA 2006-70]
  • CVE-2006-6502
    Steven Michaud discovered a programming bug that allows remote
    attackers to cause a denial of service. [MFSA 2006-71]
  • CVE-2006-6503
    “moz_bug_r_a4” reported that the src attribute of an IMG element
    could be used to inject JavaScript code. [MFSA 2006-72]

For the stable distribution (sarge) these problems have been fixed in
version 1.0.2-2.sarge1.0.8e.2.

For the testing (etch) and unstable (sid) distribution these problems
have been fixed in version 1.5.0.9.dfsg1-1 of icedove.

We recommend that you upgrade your Mozilla Thunderbird and Icedove packages.

Related

debian 3
osv 2
nessus 38
openvas 20
ubuntu 4
fedora 3
redhat 3
oraclelinux 3
centos 4
mozilla 4
securityvulns 4
gentoo 3
suse 2
ubuntucve 6
cve 6
cert 6
veracode 5
debiancve 6
debian
debian
[SECURITY] [DSA 1258-1] New Mozilla Firefox packages fix several vulnerabilities
2007-02-07 07:36:56
[SECURITY] [DSA 1253-1] New Mozilla Firefox packages fix several vulnerabilities
2007-01-27 18:35:24
[SECURITY] [DSA 1265-1] New Mozilla packages fix several vulnerabilities
2007-03-10 19:12:34
osv
osv
mozilla-firefox
2007-01-27 00:00:00
mozilla
2007-03-10 00:00:00
nessus
nessus
Debian DSA-1253-1 : mozilla-firefox - several vulnerabilities
2007-02-09 00:00:00
Debian DSA-1258-1 : mozilla-thunderbird - several vulnerabilities
2007-02-09 00:00:00
Ubuntu 5.10 / 6.06 LTS : firefox regression (USN-398-4)
2007-11-10 00:00:00
openvas
openvas
Debian Security Advisory DSA 1258-1 (mozilla-firefox)
2008-01-17 00:00:00
Debian Security Advisory DSA 1253-1 (mozilla-firefox)
2008-01-17 00:00:00
Ubuntu Update for firefox vulnerabilities USN-398-2
2009-03-23 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2007-01-03 00:00:00
Firefox regression
2007-01-27 00:00:00
Thunderbird vulnerabilities
2007-01-05 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: firefox-1.5.0.9-1.fc5
2006-12-21 22:02:27
[SECURITY] Fedora Core 5 Update: firefox-1.5.0.9-1.fc5
2006-12-22 20:21:55
[SECURITY] Fedora Core 5 Update: thunderbird-1.5.0.9-2.fc5
2007-01-02 20:23:31
redhat
redhat
(RHSA-2006:0758) Critical: firefox security update
2006-12-19 00:00:00
(RHSA-2006:0759) Critical: seamonkey security update
2006-12-19 00:00:00
(RHSA-2006:0760) Critical: thunderbird security update
2006-12-19 00:00:00
oraclelinux
oraclelinux
Critical firefox security update
2006-12-20 00:00:00
Critical thunderbird security update
2006-12-20 00:00:00
Critical seamonkey security update
2006-12-20 00:00:00
centos
centos
firefox security update
2006-12-23 11:43:06
seamonkey security update
2006-12-20 05:41:20
thunderbird security update
2006-12-23 11:43:30
mozilla
mozilla
Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1) — Mozilla
2006-12-19 00:00:00
Privilege escalation using watch point — Mozilla
2006-12-19 00:00:00
XSS by setting img.src to javascript: URI — Mozilla
2006-12-19 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2006-68
2006-12-20 00:00:00
Mozilla Foundation Security Advisory 2006-70
2006-12-20 00:00:00
Mozilla Foundation Security Advisory 2006-72
2006-12-20 00:00:00
gentoo
gentoo
SeaMonkey: Multiple vulnerabilities
2007-01-10 00:00:00
Mozilla Firefox: Multiple vulnerabilities
2007-01-04 00:00:00
Mozilla Thunderbird: Multiple vulnerabilities
2007-01-04 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird
2006-12-29 15:41:46
remote denial of service in mozilla
2007-01-12 14:08:00
ubuntucve
ubuntucve
CVE-2006-6499
2006-12-20 00:00:00
CVE-2006-6498
2006-12-20 00:00:00
CVE-2006-6503
2006-12-20 00:00:00
cve
cve
CVE-2006-6499
2006-12-20 01:28:00
CVE-2006-6498
2006-12-20 01:28:00
CVE-2006-6501
2006-12-20 01:28:00
cert
cert
Mozilla denial of service vulnerability
2007-01-09 00:00:00
Mozilla JavaScript Engine multiple memory corruption vulnerabilities
2007-01-18 00:00:00
Mozilla products vulnerable to privilege escalation via a JavaScript watch() function
2007-01-18 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:12:22
Denial Of Service (DoS)
2020-04-10 00:12:22
Denial Of Service (DoS)
2020-04-10 00:12:21
debiancve
debiancve
CVE-2006-6501
2006-12-20 01:28:00
CVE-2006-6499
2006-12-20 01:28:00
CVE-2006-6503
2006-12-20 01:28:00

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.423 Medium

EPSS

Percentile

96.8%

JSON
Related for OSV:DSA-1258-1
debian3osv2nessus38openvas20ubuntu4fedora3redhat3oraclelinux3centos4mozilla4securityvulns4gentoo3suse2ubuntucve6cve6cert6veracode5debiancve6