Vulnerability CVE-2006-2538
Published: 2006-05-22   Modified: 2012-02-12

Description:
IE Tab 1.0.9 plugin for Mozilla Firefox 1.5.0.3 allows remote user-assisted attackers to cause a denial of service (application crash), possibly due to a null dereference, via certain Javascript, as demonstrated using a url parameter to the content/reloaded.html page in a chrome:// URI. Some third-party researchers claim that they are unable to reproduce this vulnerability.

Type:

CWE-Other

CVSS2 => (AV:N/AC:H/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
2.6/10
2.9/10
4.9/10
Exploit range
Attack complexity
Authentication
Remote
High
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
Mozilla -> Firefox 
Ie tab -> Ie tab 

 References:
http://www.securityfocus.com/archive/1/434280/100/0/threaded
http://www.securityfocus.com/archive/1/434519/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/26540
Copyright 2024, cxsecurity.com

 

Back to Top