[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-0748Date: (C)2006-04-14   (M)2024-03-27


Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that results in a negative array index.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SUNALERT-102550
BID-17516
SECUNIA-19759
SECUNIA-19794
SECUNIA-19811
SECUNIA-19821
SECUNIA-19823
SECUNIA-19852
SECUNIA-19862
SECUNIA-19863
SECUNIA-19902
SECUNIA-19941
SECUNIA-19950
SECUNIA-20051
20060404-01-U
http://www.securityfocus.com/archive/1/432103/100/0/threaded
SECUNIA-21033
SECUNIA-21622
SECUNIA-22065
SECUNIA-22066
SUNALERT-228526
ADV-2006-1356
ADV-2006-3391
ADV-2006-3748
ADV-2006-3749
ADV-2008-0083
DSA-1044
DSA-1046
DSA-1051
FLSA:189137-1
FLSA:189137-2
GLSA-200604-12
GLSA-200604-18
GLSA-200605-09
HPSBUX02122
MDKSA-2006:075
MDKSA-2006:076
MDKSA-2006:078
RHSA-2006:0329
RHSA-2006:0330
SCOSA-2006.26
SSRT061181
SSRT061236
SUSE-SA:2006:022
USN-275-1
USN-276-1
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
http://www.mozilla.org/security/announce/2006/mfsa2006-27.html
http://www.zerodayinitiative.com/advisories/ZDI-06-011/
mozilla-table-rebuilding-code-execution(25985)
oval:org.mitre.oval:def:11164
oval:org.mitre.oval:def:1189

CPE    25
cpe:/a:mozilla:thunderbird:1.0.5:beta
cpe:/a:mozilla:thunderbird:1.0.3
cpe:/a:mozilla:thunderbird:1.0.2
cpe:/a:mozilla:firefox:1.5:beta2
...
CWE    1
CWE-399
OVAL    1
oval:org.mitre.oval:def:1189

© SecPod Technologies