Lucene search

RedhatCVE-2006-6501

HistoryDec 20, 2006 - 1:28 a.m.

CVE-2006-6501

2006-12-2001:28:00

CWE-264

redhat

web.nvd.nist.gov

cve-2006-6501

mozilla

firefox

thunderbird

seamonkey

vulnerability

remote attackers

javascript

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.166

Percentile

96.1%

JSON

Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function.

Affected configurations

Nvd

Node

mozillafirefoxRange1.5–1.5.0.9

mozillafirefoxRange2.0–2.0.0.1

mozillaseamonkeyRange<1.0.7

mozillathunderbirdRange<1.5.0.9

Node

debiandebian_linuxMatch3.1

debiandebian_linuxMatch4.0

Node

canonicalubuntu_linuxMatch5.10

canonicalubuntu_linuxMatch6.06lts

canonicalubuntu_linuxMatch6.10

VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
mozillaseamonkey*cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
mozillathunderbird*cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
debiandebian_linux3.1cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
debiandebian_linux4.0cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
canonicalubuntu_linux5.10cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
canonicalubuntu_linux6.06cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
canonicalubuntu_linux6.10cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox	*	cpe:2.3:a:mozilla:firefox::::::::
mozilla	seamonkey	*	cpe:2.3:a:mozilla:seamonkey::::::::
mozilla	thunderbird	*	cpe:2.3:a:mozilla:thunderbird::::::::
debian	debian_linux	3.1	cpe:2.3:o:debian:debian_linux:3.1:::::::*
debian	debian_linux	4.0	cpe:2.3:o:debian:debian_linux:4.0:::::::*
canonical	ubuntu_linux	5.10	cpe:2.3:o:canonical:ubuntu_linux:5.10:::::::*
canonical	ubuntu_linux	6.06	cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
canonical	ubuntu_linux	6.10	cpe:2.3:o:canonical:ubuntu_linux:6.10:::::::*

References

ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc

fedoranews.org/cms/node/2297

fedoranews.org/cms/node/2338

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

rhn.redhat.com/errata/RHSA-2006-0758.html

rhn.redhat.com/errata/RHSA-2006-0759.html

rhn.redhat.com/errata/RHSA-2006-0760.html

secunia.com/advisories/23282

secunia.com/advisories/23420

secunia.com/advisories/23422

secunia.com/advisories/23433

secunia.com/advisories/23439

secunia.com/advisories/23440

secunia.com/advisories/23468

secunia.com/advisories/23514

secunia.com/advisories/23545

secunia.com/advisories/23589

secunia.com/advisories/23591

secunia.com/advisories/23598

secunia.com/advisories/23601

secunia.com/advisories/23614

secunia.com/advisories/23618

secunia.com/advisories/23672

secunia.com/advisories/23692

secunia.com/advisories/23988

secunia.com/advisories/24078

secunia.com/advisories/24390

security.gentoo.org/glsa/glsa-200701-02.xml

securitytracker.com/id?1017403

securitytracker.com/id?1017404

securitytracker.com/id?1017407

www.debian.org/security/2007/dsa-1253

www.debian.org/security/2007/dsa-1258

www.debian.org/security/2007/dsa-1265

www.gentoo.org/security/en/glsa/glsa-200701-03.xml

www.gentoo.org/security/en/glsa/glsa-200701-04.xml

www.kb.cert.org/vuls/id/263412

www.mandriva.com/security/advisories?name=MDKSA-2007:010

www.mandriva.com/security/advisories?name=MDKSA-2007:011

www.mozilla.org/security/announce/2006/mfsa2006-70.html

www.novell.com/linux/security/advisories/2006_80_mozilla.html

www.novell.com/linux/security/advisories/2007_06_mozilla.html

www.securityfocus.com/archive/1/455145/100/0/threaded

www.securityfocus.com/archive/1/455728/100/200/threaded

www.securityfocus.com/bid/21668

www.ubuntu.com/usn/usn-398-1

www.ubuntu.com/usn/usn-398-2

www.ubuntu.com/usn/usn-400-1

www.us-cert.gov/cas/techalerts/TA06-354A.html

www.vupen.com/english/advisories/2006/5068

www.vupen.com/english/advisories/2008/0083

issues.rpath.com/browse/RPL-883

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9746

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.166

Percentile

96.1%

JSON

Related for CVE-2006-6501