Vulnerability CVE-2006-6498
Published: 2006-12-19   Modified: 2012-02-12

Description:
Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, SeaMonkey before 1.0.7, and Mozilla 1.7 and probably earlier on Solaris, allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown impact and attack vectors.

Type:

CWE-noinfo

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.4/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Mozilla -> Firefox 
Mozilla -> Mozilla 
Mozilla -> Seamonkey 
Mozilla -> Thunderbird 

 References:
ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc
http://fedoranews.org/cms/node/2297
http://fedoranews.org/cms/node/2338
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
http://rhn.redhat.com/errata/RHSA-2006-0758.html
http://rhn.redhat.com/errata/RHSA-2006-0759.html
http://rhn.redhat.com/errata/RHSA-2006-0760.html
http://security.gentoo.org/glsa/glsa-200701-02.xml
http://securitytracker.com/id?1017398
http://securitytracker.com/id?1017405
http://securitytracker.com/id?1017406
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102955-1
http://www.debian.org/security/2007/dsa-1253
http://www.debian.org/security/2007/dsa-1258
http://www.debian.org/security/2007/dsa-1265
http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml
http://www.kb.cert.org/vuls/id/427972
http://www.kb.cert.org/vuls/id/447772
http://www.mozilla.org/security/announce/2006/mfsa2006-68.html
http://www.novell.com/linux/security/advisories/2006_80_mozilla.html
http://www.novell.com/linux/security/advisories/2007_06_mozilla.html
http://www.securityfocus.com/archive/1/455145/100/0/threaded
http://www.securityfocus.com/archive/1/455728/100/200/threaded
http://www.securityfocus.com/bid/21668
http://www.ubuntu.com/usn/usn-398-1
http://www.ubuntu.com/usn/usn-398-2
http://www.ubuntu.com/usn/usn-400-1
http://www.us-cert.gov/cas/techalerts/TA06-354A.html
http://www.vupen.com/english/advisories/2006/5068
http://www.vupen.com/english/advisories/2007/2106
http://www.vupen.com/english/advisories/2008/0083
https://issues.rpath.com/browse/RPL-883
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10661
Copyright 2024, cxsecurity.com

 

Back to Top