Lucene search

MitreCVE-2006-2613

HistoryMay 26, 2006 - 1:06 a.m.

CVE-2006-2613

2006-05-2601:06:00

CWE-200

mitre

web.nvd.nist.gov

cve-2006-2613

mozilla suite

mozilla firefox

netscape

remote code execution

information disclosure

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.007

Percentile

80.7%

JSON

Mozilla Suite 1.7.13, Mozilla Firefox 1.5.0.3 and possibly other versions before before 1.8.0, and Netscape 7.2 and 8.1, and possibly other versions and products, allows remote user-assisted attackers to obtain information such as the installation path by causing exceptions to be thrown and checking the message contents.

Affected configurations

Nvd

Node

mozillafirefoxMatch1.5.0.1

mozillafirefoxMatch1.5.0.2

mozillafirefoxMatch1.5.0.3

mozillamozilla_suiteMatch1.7.13

netscapenavigatorMatch7.2

netscapenavigatorMatch8.1

VendorProductVersionCPE
mozillafirefox1.5.0.1cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
mozillafirefox1.5.0.2cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
mozillafirefox1.5.0.3cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
mozillamozilla_suite1.7.13cpe:2.3:a:mozilla:mozilla_suite:1.7.13:*:*:*:*:*:*:*
netscapenavigator7.2cpe:2.3:a:netscape:navigator:7.2:*:*:*:*:*:*:*
netscapenavigator8.1cpe:2.3:a:netscape:navigator:8.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox	1.5.0.1	cpe:2.3:a:mozilla:firefox:1.5.0.1:::::::*
mozilla	firefox	1.5.0.2	cpe:2.3:a:mozilla:firefox:1.5.0.2:::::::*
mozilla	firefox	1.5.0.3	cpe:2.3:a:mozilla:firefox:1.5.0.3:::::::*
mozilla	mozilla_suite	1.7.13	cpe:2.3:a:mozilla:mozilla_suite:1.7.13:::::::*
netscape	navigator	7.2	cpe:2.3:a:netscape:navigator:7.2:::::::*
netscape	navigator	8.1	cpe:2.3:a:netscape:navigator:8.1:::::::*

References

secunia.com/advisories/20244

secunia.com/advisories/20255

secunia.com/advisories/20256

secunia.com/advisories/21532

securityreason.com/securityalert/960

www.mandriva.com/security/advisories?name=MDKSA-2006:143

www.mandriva.com/security/advisories?name=MDKSA-2006:145

www.securityfocus.com/archive/1/434696/100/0/threaded

bugzilla.mozilla.org/attachment.cgi?id=164547

bugzilla.mozilla.org/show_bug.cgi?id=267645

exchange.xforce.ibmcloud.com/vulnerabilities/26667

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.007

Percentile

80.7%

JSON

Related for CVE-2006-2613