Lucene search
Mozilla FoundationMFSA2006-07HistoryFeb 01, 2006 - 12:00 a.m.
Read beyond buffer while parsing XML — Mozilla
2006-02-0100:00:00
Mozilla Foundation
www.mozilla.org
14
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
EPSS
0.727
Percentile
98.1%
An upgrade in the XML parser introduced a bug that could read beyond the end of the buffer, often causing a crash. We don’t know if this could be exploited to incorporate private data into the DOM of an XML document, but could be a privacy risk if so. Firefox 1.0, Thunderbird 1.0 and Mozilla Suite 1.7 are not affected.
Affected configurations
Node
mozillafirefoxRange<1.5.0.1
ORmozillaseamonkeyRange<1
ORmozillathunderbirdRange<1.5.0.2
Related
ubuntucve
ubuntucve
CVE-2006-0298
2006-02-02 00:00:00
prion
prion
Out-of-bounds
2006-02-02 22:02:00
cvelist
cvelist
CVE-2006-0298
2006-02-02 22:00:00
debiancve
debiancve
CVE-2006-0298
2006-02-02 22:02:00
cve
cve
CVE-2006-0298
2006-02-02 22:02:00
nvd
nvd
CVE-2006-0298
2006-02-02 22:02:00
nessus
nessus
Firefox < 1.5.0.1 Multiple Vulnerabilities
2006-02-04 00:00:00
SeaMonkey < 1.0 Multiple Vulnerabilities
2006-02-05 00:00:00
Solaris 8 (sparc) : 120671-08
2007-02-18 00:00:00
openvas
openvas
HP-UX Update for Thunderbird HPSBUX02156
2009-05-05 00:00:00
HP-UX Update for Thunderbird HPSBUX02156
2009-05-05 00:00:00
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
EPSS
0.727
Percentile
98.1%
Related for MFSA2006-07