Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mozillaMozilla FoundationMFSA2006-04
HistoryFeb 01, 2006 - 12:00 a.m.

Memory corruption via QueryInterface on Location, Navigator objects — Mozilla

2006-02-0100:00:00
Mozilla Foundation
www.mozilla.org
15

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

EPSS

0.97

Percentile

99.7%

JSON

Calling the QueryInterface method of the built-in Location and Navigator objects causes memory corruption that might be exploitable to run arbitrary code.

Affected configurations

Vulners
Node
mozillafirefoxRange<1.5.0.1
OR
mozillaseamonkeyRange<1
OR
mozillathunderbirdRange<1.5.0.2
VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
mozillaseamonkey*cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
mozillathunderbird*cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

Related

checkpoint_advisories 1
saint 4
debiancve 1
exploitdb 3
seebug 1
packetstorm 3
ubuntucve 1
prion 1
zdt 2
cvelist 1
cert 1
cve 1
nvd 1
metasploit 1
securityvulns 1
nessus 8
openvas 2
checkpoint_advisories
checkpoint_advisories
Mozilla Products QueryInterface Method Memory Corruption (CVE-2006-0295)
2009-12-20 00:00:00
saint
saint
Mozilla Firefox QueryInterface method memory corruption
2006-02-10 00:00:00
Mozilla Firefox QueryInterface method memory corruption
2006-02-10 00:00:00
Mozilla Firefox QueryInterface method memory corruption
2006-02-10 00:00:00
debiancve
debiancve
CVE-2006-0295
2006-02-02 20:06:00
exploitdb
exploitdb
Mozilla Firefox 1.5 (Linux) - &#039;location.QueryInterface()&#039; Code Execution (Metasploit)
2006-02-07 00:00:00
Mozilla Firefox - location.QueryInterface() Code Execution (Metasploit)
2010-09-20 00:00:00
Mozilla Firefox 1.5 (OSX) - &#039;location.QueryInterface()&#039; Code Execution (Metasploit)
2006-02-08 00:00:00
seebug
seebug
Mozilla Firefox 1.5 location.QueryInterface() Code Execution (linux)
2006-02-07 00:00:00
packetstorm
packetstorm
firefox_queryinterface_mac.pm.txt
2006-02-14 00:00:00
firefox_queryinterface.pm.txt
2006-02-14 00:00:00
Firefox location.QueryInterface() Code Execution
2009-10-27 00:00:00
ubuntucve
ubuntucve
CVE-2006-0295
2006-02-02 00:00:00
prion
prion
Memory corruption
2006-02-02 20:06:00
zdt
zdt
Mozilla Firefox 1.5 location.QueryInterface() Code Execution (linux)
2006-02-07 00:00:00
Mozilla Firefox 1.5 location.QueryInterface() Code Execution (osx)
2006-02-08 00:00:00
cvelist
cvelist
CVE-2006-0295
2006-02-02 20:00:00
cert
cert
Mozilla QueryInterface memory corruption vulnerability
2006-02-07 00:00:00
cve
cve
CVE-2006-0295
2006-02-02 20:06:00
nvd
nvd
CVE-2006-0295
2006-02-02 20:06:00
metasploit
metasploit
Firefox location.QueryInterface() Code Execution
2006-03-10 08:03:14
securityvulns
securityvulns
US-CERT Technical Cyber Security Alert TA06-038A -- Multiple Vulnerabilities in Mozilla Products
2006-02-08 00:00:00
nessus
nessus
Firefox < 1.5.0.1 Multiple Vulnerabilities
2006-02-04 00:00:00
SeaMonkey < 1.0 Multiple Vulnerabilities
2006-02-05 00:00:00
Solaris 8 (sparc) : 120671-08
2007-02-18 00:00:00
openvas
openvas
HP-UX Update for Thunderbird HPSBUX02156
2009-05-05 00:00:00
HP-UX Update for Thunderbird HPSBUX02156
2009-05-05 00:00:00

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

EPSS

0.97

Percentile

99.7%

JSON
Related for MFSA2006-04
checkpoint_advisories1saint4debiancve1exploitdb3seebug1packetstorm3ubuntucve1prion1zdt2cvelist1cert1cve1nvd1metasploit1securityvulns1nessus8openvas2