CVE-2006-5748

critical

Description

Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger memory corruption.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11408

https://issues.rpath.com/browse/RPL-765

https://exchange.xforce.ibmcloud.com/vulnerabilities/30096

https://bugzilla.mozilla.org/show_bug.cgi?id=354151

https://bugzilla.mozilla.org/show_bug.cgi?id=354145

https://bugzilla.mozilla.org/show_bug.cgi?id=353165

https://bugzilla.mozilla.org/show_bug.cgi?id=352606

https://bugzilla.mozilla.org/show_bug.cgi?id=352271

https://bugzilla.mozilla.org/show_bug.cgi?id=351973

https://bugzilla.mozilla.org/show_bug.cgi?id=351116

https://bugzilla.mozilla.org/show_bug.cgi?id=350238

https://bugzilla.mozilla.org/show_bug.cgi?id=349527

http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742

http://www.vupen.com/english/advisories/2008/0083

http://www.vupen.com/english/advisories/2007/3821

http://www.vupen.com/english/advisories/2007/1198

http://www.vupen.com/english/advisories/2006/4387

http://www.vupen.com/english/advisories/2006/3748

http://www.us-cert.gov/cas/techalerts/TA06-312A.html

http://www.ubuntu.com/usn/usn-382-1

http://www.ubuntu.com/usn/usn-381-1

http://www.securityfocus.com/bid/20957

http://www.securityfocus.com/archive/1/451099/100/0/threaded

http://www.novell.com/linux/security/advisories/2006_68_mozilla.html

http://www.mozilla.org/security/announce/2006/mfsa2006-65.html

http://www.mandriva.com/security/advisories?name=MDKSA-2006:206

http://www.mandriva.com/security/advisories?name=MDKSA-2006:205

http://www.kb.cert.org/vuls/id/390480

http://www.debian.org/security/2006/dsa-1227

http://www.debian.org/security/2006/dsa-1225

http://www.debian.org/security/2006/dsa-1224

http://support.avaya.com/elmodocs2/security/ASA-2006-246.htm

http://sunsolve.sun.com/search/document.do?assetkey=1-66-201335-1

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103139-1

http://securitytracker.com/id?1017179

http://securitytracker.com/id?1017178

http://securitytracker.com/id?1017177

http://security.gentoo.org/glsa/glsa-200612-08.xml

http://security.gentoo.org/glsa/glsa-200612-07.xml

http://security.gentoo.org/glsa/glsa-200612-06.xml

http://secunia.com/advisories/27603

http://secunia.com/advisories/24711

http://secunia.com/advisories/23297

http://secunia.com/advisories/23287

http://secunia.com/advisories/23263

http://secunia.com/advisories/23235

http://secunia.com/advisories/23202

http://secunia.com/advisories/23197

http://secunia.com/advisories/23013

http://secunia.com/advisories/23009

http://secunia.com/advisories/22980

http://secunia.com/advisories/22965

http://secunia.com/advisories/22929

http://secunia.com/advisories/22817

http://secunia.com/advisories/22815

http://secunia.com/advisories/22774

http://secunia.com/advisories/22770

http://secunia.com/advisories/22763

http://secunia.com/advisories/22737

http://secunia.com/advisories/22727

http://secunia.com/advisories/22722

http://secunia.com/advisories/22066

http://rhn.redhat.com/errata/RHSA-2006-0735.html

http://rhn.redhat.com/errata/RHSA-2006-0734.html

http://rhn.redhat.com/errata/RHSA-2006-0733.html

Details

Source: Mitre, NVD

Published: 2006-11-08

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical