Lucene search
Mozilla FoundationMFSA2006-18HistoryApr 13, 2006 - 12:00 a.m.
Mozilla Firefox Tag Order Vulnerability — Mozilla
2006-04-1300:00:00
Mozilla Foundation
www.mozilla.org
16
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.972
Percentile
99.9%
A particular sequence of HTML tags that reliably crash Mozilla clients was reported by an anonymous researcher via TippingPoint and the Zero Day Initiative. The crash is due to memory corruption that can be exploited to run arbitary code.
Affected configurations
Node
mozillafirefoxRange<1.0.8
ORmozillafirefoxRange<1.5
ORmozillamozilla_suiteRange<1.7.13
ORmozillaseamonkeyRange<1
ORmozillathunderbirdRange<1.0.8
ORmozillathunderbirdRange<1.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | firefox | * | cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* |
| mozilla | mozilla_suite | * | cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:* |
| mozilla | seamonkey | * | cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:* |
| mozilla | thunderbird | * | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* |
Related
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox Tag Order Memory Corruption (CVE-2006-0749)
2010-03-08 00:00:00
prion
prion
Memory corruption
2006-04-14 10:02:00
zdi
zdi
Mozilla Firefox Tag Parsing Code Execution Vulnerability
2006-04-17 00:00:00
securityvulns
securityvulns
nvd
nvd
CVE-2006-0749
2006-04-14 10:02:00
cert
cert
cvelist
cvelist
CVE-2006-0749
2006-04-14 10:00:00
debiancve
debiancve
CVE-2006-0749
2006-04-14 10:02:00
ubuntucve
ubuntucve
CVE-2006-0749
2006-04-14 00:00:00
cve
cve
CVE-2006-0749
2006-04-14 10:02:00
nessus
nessus
Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2006:075)
2006-04-26 00:00:00
Fedora Core 5 : firefox-1.5.0.2-1.1.fc5 (2006-411)
2006-04-21 00:00:00
Fedora Core 4 : firefox-1.0.8-1.1.fc4 (2006-410)
2006-04-21 00:00:00
openvas
openvas
SLES9: Security update for Mozilla suite
2009-10-10 00:00:00
SLES9: Security update for Mozilla suite
2009-10-10 00:00:00
Gentoo Security Advisory GLSA 200605-09 (mozilla-thunderbird)
2008-09-24 00:00:00
redhat
redhat
(RHSA-2006:0328) firefox security update
2006-04-14 00:00:00
(RHSA-2006:0330) thunderbird security update
2006-04-21 00:00:00
(RHSA-2006:0329) mozilla security update
2006-04-18 00:00:00
centos
centos
firefox security update
2006-04-14 18:00:35
devhelp, mozilla security update
2006-04-18 17:41:36
galeon, mozilla security update
2006-04-18 23:53:59
suse
suse
remote code execution in MozillaFirefox,mozilla
2006-04-20 13:13:08
remote code execution in MozillaThunderbird
2006-04-25 13:15:04
remote code execution in phpMyAdmin
2006-01-26 13:53:52
ubuntu
ubuntu
Firefox vulnerabilities
2006-04-20 00:00:00
Thunderbird vulnerabilities
2006-05-03 00:00:00
Mozilla vulnerabilities
2006-04-28 00:00:00
gentoo
gentoo
Mozilla Thunderbird: Multiple vulnerabilities
2006-05-08 00:00:00
Mozilla Firefox: Multiple vulnerabilities
2006-04-23 00:00:00
Mozilla Suite: Multiple vulnerabilities
2006-04-28 00:00:00
debian
debian
osv
osv
mozilla-firefox - several
2006-04-26 00:00:00
mozilla-thunderbird - several vulnerabilities
2006-05-04 00:00:00
mozilla - several
2006-04-27 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2006-04-13 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.972
Percentile
99.9%
Related for MFSA2006-18