Lucene search
Mozilla FoundationMFSA2006-57HistorySep 14, 2006 - 12:00 a.m.
JavaScript Regular Expression Heap Corruption — Mozilla
2006-09-1400:00:00
Mozilla Foundation
www.mozilla.org
19
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.967
Percentile
99.6%
Priit Laes reported a crash due to a heap buffer overflow triggered by a JavaScript regular expression containing a minimal quantifier. We presume this could be exploited to run arbitrary code.
Affected configurations
Node
mozillafirefoxRange<1.5.0.7
ORmozillaseamonkeyRange<1.0.5
ORmozillathunderbirdRange<1.5.0.7
Related
nvd
nvd
CVE-2006-4566
2006-09-15 18:07:00
CVE-2006-4565
2006-09-15 18:07:00
cve
cve
CVE-2006-4566
2006-09-15 18:07:00
CVE-2006-4565
2006-09-15 18:07:00
ubuntucve
ubuntucve
CVE-2006-4566
2006-09-15 00:00:00
CVE-2006-4565
2006-09-15 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:13:12
Heap-based Buffer Overflow
2020-04-10 00:13:12
checkpoint_advisories
checkpoint_advisories
Mozilla Products Regular Expressions Heap Corruption (CVE-2006-4566)
2009-10-15 00:00:00
cvelist
cvelist
CVE-2006-4566
2006-09-15 18:00:00
CVE-2006-4565
2006-09-15 18:00:00
debiancve
debiancve
CVE-2006-4566
2006-09-15 18:07:00
CVE-2006-4565
2006-09-15 18:07:00
nessus
nessus
Fedora Core 5 : thunderbird-1.5.0.7-1.fc5 (2006-977)
2007-01-17 00:00:00
GLSA-200610-04 : SeaMonkey: Multiple vulnerabilities
2006-10-20 00:00:00
Debian DSA-1210-1 : mozilla-firefox - several vulnerabilities
2006-11-20 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200610-04 (seamonkey)
2008-09-24 00:00:00
Debian Security Advisory DSA 1210-1 (mozilla-firefox)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1210)
2008-01-17 00:00:00
debian
debian
osv
osv
gentoo
gentoo
Seamonkey: Multiple vulnerabilities
2006-10-16 00:00:00
Mozilla Thunderbird: Multiple vulnerabilities
2006-10-04 00:00:00
Mozilla Firefox: Multiple vulnerabilities
2006-09-28 00:00:00
redhat
redhat
(RHSA-2006:0676) seamonkey security update
2006-09-15 00:00:00
(RHSA-2006:0677) thunderbird security update
2006-09-15 00:00:00
(RHSA-2006:0675) firefox security update
2006-09-15 00:00:00
centos
centos
seamonkey security update
2006-09-17 23:20:54
devhelp, seamonkey security update
2006-09-15 14:57:11
thunderbird security update
2006-09-15 14:57:35
oraclelinux
oraclelinux
Critical thunderbird security update
2006-12-07 00:00:00
Critical seamonkey security update
2006-12-07 00:00:00
Critical firefox security update
2006-12-07 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2006-09-25 00:00:00
firefox vulnerabilities
2006-09-23 00:00:00
Thunderbird vulnerabilities
2006-09-22 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2006-09-14 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey
2006-09-22 13:02:47
cert
cert
OpenSSL SSLv2 client code fails to properly check for NULL
2006-09-28 00:00:00
OpenSSL SSL_get_shared_ciphers() vulnerable to buffer overflow
2006-09-28 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.967
Percentile
99.6%
Related for MFSA2006-57