[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248678

 
 

909

 
 

195426

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-0292Date: (C)2006-02-02   (M)2024-03-27


The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack vectors related to garbage collection.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1015570
SUNALERT-102550
BID-16476
SECUNIA-18700
SECUNIA-18703
SECUNIA-18704
SECUNIA-18705
SECUNIA-18706
SECUNIA-18708
SECUNIA-18709
SECUNIA-19230
SECUNIA-19746
SECUNIA-19759
SECUNIA-19780
SECUNIA-19821
SECUNIA-19823
SECUNIA-19852
SECUNIA-19862
SECUNIA-19863
SECUNIA-19902
SECUNIA-19941
SECUNIA-19950
SECUNIA-20051
20060201-01-U
SECUNIA-21033
SECUNIA-21622
SECUNIA-22065
SUNALERT-228526
ADV-2006-0413
ADV-2006-3391
ADV-2006-3749
DSA-1044
DSA-1046
DSA-1051
FEDORA-2006-075
FEDORA-2006-076
FLSA-2006:180036-2
FLSA:180036-1
GLSA-200604-12
GLSA-200604-18
GLSA-200605-09
HPSBUX02122
MDKSA-2006:036
MDKSA-2006:037
MDKSA-2006:078
RHSA-2006:0199
RHSA-2006:0200
RHSA-2006:0330
SCOSA-2006.26
SSRT061236
SUSE-SA:2006:022
USN-271-1
USN-275-1
USN-276-1
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
http://www.mozilla.org/security/announce/2006/mfsa2006-01.html
https://bugzilla.mozilla.org/show_bug.cgi?id=316885
mozilla-javascript-memory-corruption(24430)
oval:org.mitre.oval:def:10016
oval:org.mitre.oval:def:670

CPE    24
cpe:/a:mozilla:mozilla:1.4
cpe:/a:mozilla:mozilla:1.5
cpe:/a:mozilla:firefox:1.5:beta1
cpe:/a:mozilla:mozilla:1.5:alpha
...
OVAL    1
oval:org.mitre.oval:def:670

© SecPod Technologies