Lucene search
Mozilla FoundationMFSA2006-06HistoryFeb 01, 2006 - 12:00 a.m.
Integer overflows in E4X, SVG, and Canvas — Mozilla
2006-02-0100:00:00
Mozilla Foundation
www.mozilla.org
11
CVSS2
5.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
EPSS
0.93
Percentile
99.0%
Georgi Guninski reports integer overflows in the new E4X, SVG, and Canvas features. These lead to memory corruption that is potentially exploitable to run arbitrary code.
Affected configurations
Node
mozillafirefoxRange<1.5.0.1
ORmozillaseamonkeyRange<1
ORmozillathunderbirdRange<1.5.0.2
Related
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox Javascript Engine XML Parser Integer Overflow - Ver2 (CVE-2006-0297)
2014-02-03 00:00:00
Mozilla Products Graphics and XML Features Integer Overflows - Ver2 (CVE-2006-0297)
2014-01-07 00:00:00
Mozilla Products Graphics and XML Features Integer Overflows (CVE-2006-0297)
2009-12-08 00:00:00
ubuntucve
ubuntucve
CVE-2006-0297
2006-02-02 00:00:00
prion
prion
Integer overflow
2006-02-02 22:02:00
debiancve
debiancve
CVE-2006-0297
2006-02-02 22:02:00
nvd
nvd
CVE-2006-0297
2006-02-02 22:02:00
cvelist
cvelist
CVE-2006-0297
2006-02-02 22:00:00
cve
cve
CVE-2006-0297
2006-02-02 22:02:00
nessus
nessus
Firefox < 1.5.0.1 Multiple Vulnerabilities
2006-02-04 00:00:00
SeaMonkey < 1.0 Multiple Vulnerabilities
2006-02-05 00:00:00
Solaris 8 (sparc) : 120671-08
2007-02-18 00:00:00
openvas
openvas
HP-UX Update for Thunderbird HPSBUX02156
2009-05-05 00:00:00
HP-UX Update for Thunderbird HPSBUX02156
2009-05-05 00:00:00
CVSS2
5.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
EPSS
0.93
Percentile
99.0%
Related for MFSA2006-06