Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2006-4253

Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads to a concurrency failure that causes structures to be freed incorrectly, as demonstrated by (1) ffoxdie and (2) ffoxdie3. NOTE: it has been reported that Netscape 8.1 and K-Meleon 1.0.1 are also affected by ffoxdie. Mozilla confirmed to CVE that ffoxdie and ffoxdie3 trigger the same underlying vulnerability. NOTE: it was later reported that Firefox 2.0 RC2 and 1.5.0.7 are also affected.

Published

2006-08-21T20:04:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.6 (HIGH)

CVSSv2 Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

4.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-264

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	k-meleon_project	k-meleon	1.0.1	Yes
Application	mozilla	firefox	0.8	Yes
Application	mozilla	firefox	0.9	Yes
Application	mozilla	firefox	0.9	Yes
Application	mozilla	firefox	0.9.1	Yes
Application	mozilla	firefox	0.9.2	Yes
Application	mozilla	firefox	0.9.3	Yes
Application	mozilla	firefox	0.10	Yes
Application	mozilla	firefox	0.10.1	Yes
Application	mozilla	firefox	1.0	Yes
Application	mozilla	firefox	1.0.1	Yes
Application	mozilla	firefox	1.0.2	Yes
Application	mozilla	firefox	1.0.3	Yes
Application	mozilla	firefox	1.0.4	Yes
Application	mozilla	firefox	1.0.5	Yes
Application	mozilla	firefox	1.0.6	Yes
Application	mozilla	firefox	1.0.7	Yes
Application	mozilla	firefox	1.0.8	Yes
Application	mozilla	firefox	1.5	Yes
Application	mozilla	firefox	1.5	Yes
Application	mozilla	firefox	1.5	Yes
Application	mozilla	firefox	1.5.0.1	Yes
Application	mozilla	firefox	1.5.0.2	Yes
Application	mozilla	firefox	1.5.0.3	Yes
Application	mozilla	firefox	1.5.0.4	Yes
Application	mozilla	firefox	1.5.0.5	Yes
Application	mozilla	firefox	1.5.0.6	Yes
Application	netscape	navigator	8.1	Yes

References

ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc ([email protected])
http://lcamtuf.coredump.cx/ffoxdie.html ([email protected])
http://lcamtuf.coredump.cx/ffoxdie3.html ([email protected])
http://secunia.com/advisories/21513 Vendor Advisory ([email protected])
http://secunia.com/advisories/21906 Vendor Advisory ([email protected])
http://secunia.com/advisories/21915 Vendor Advisory ([email protected])
http://secunia.com/advisories/21916 Vendor Advisory ([email protected])
http://secunia.com/advisories/21939 Vendor Advisory ([email protected])
http://secunia.com/advisories/21940 Vendor Advisory ([email protected])
http://secunia.com/advisories/21949 Vendor Advisory ([email protected])
http://secunia.com/advisories/21950 Vendor Advisory ([email protected])
http://secunia.com/advisories/22001 Vendor Advisory ([email protected])
http://secunia.com/advisories/22025 Vendor Advisory ([email protected])
http://secunia.com/advisories/22036 Vendor Advisory ([email protected])
http://secunia.com/advisories/22055 Vendor Advisory ([email protected])
http://secunia.com/advisories/22056 ([email protected])
http://secunia.com/advisories/22066 ([email protected])
http://secunia.com/advisories/22074 Vendor Advisory ([email protected])
http://secunia.com/advisories/22088 Vendor Advisory ([email protected])
http://secunia.com/advisories/22195 ([email protected])
http://secunia.com/advisories/22210 Vendor Advisory ([email protected])
http://secunia.com/advisories/22274 Vendor Advisory ([email protected])
http://secunia.com/advisories/22391 Vendor Advisory ([email protected])
http://secunia.com/advisories/22422 Vendor Advisory ([email protected])
http://secunia.com/advisories/24711 ([email protected])
http://security.gentoo.org/glsa/glsa-200609-19.xml ([email protected])
http://security.gentoo.org/glsa/glsa-200610-01.xml ([email protected])
http://security.gentoo.org/glsa/glsa-200610-04.xml ([email protected])
http://securitytracker.com/id?1016846 ([email protected])
http://securitytracker.com/id?1016847 ([email protected])
http://securitytracker.com/id?1016848 ([email protected])
http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2006:168 ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2006:169 ([email protected])
http://www.mozilla.org/security/announce/2006/mfsa2006-59.html ([email protected])
http://www.novell.com/linux/security/advisories/2006_54_mozilla.html ([email protected])
http://www.pianetapc.it/view.php?id=770 URL Repurposed ([email protected])
http://www.redhat.com/support/errata/RHSA-2006-0675.html ([email protected])
http://www.redhat.com/support/errata/RHSA-2006-0676.html ([email protected])
http://www.redhat.com/support/errata/RHSA-2006-0677.html ([email protected])
http://www.securiteam.com/securitynews/5VP0M0AJFW.html ([email protected])
http://www.securityfocus.com/archive/1/443020/100/100/threaded ([email protected])
http://www.securityfocus.com/archive/1/443306/100/100/threaded ([email protected])
http://www.securityfocus.com/archive/1/443500/100/100/threaded ([email protected])
http://www.securityfocus.com/archive/1/443528/100/0/threaded ([email protected])
http://www.securityfocus.com/archive/1/446140/100/0/threaded ([email protected])
http://www.securityfocus.com/archive/1/447837/100/200/threaded ([email protected])
http://www.securityfocus.com/archive/1/447840/100/200/threaded ([email protected])
http://www.securityfocus.com/archive/1/448956/100/100/threaded ([email protected])
http://www.securityfocus.com/archive/1/448984/100/100/threaded ([email protected])
http://www.securityfocus.com/archive/1/449245/100/100/threaded ([email protected])
http://www.securityfocus.com/archive/1/449487/100/0/threaded ([email protected])
http://www.securityfocus.com/archive/1/449726/100/0/threaded ([email protected])
http://www.securityfocus.com/bid/19488 ([email protected])
http://www.securityfocus.com/bid/19534 ([email protected])
http://www.ubuntu.com/usn/usn-350-1 ([email protected])
http://www.ubuntu.com/usn/usn-351-1 ([email protected])
http://www.ubuntu.com/usn/usn-352-1 ([email protected])
http://www.ubuntu.com/usn/usn-354-1 ([email protected])
http://www.vupen.com/english/advisories/2006/3617 ([email protected])
http://www.vupen.com/english/advisories/2006/3748 ([email protected])
http://www.vupen.com/english/advisories/2007/1198 ([email protected])
http://www.vupen.com/english/advisories/2008/0083 ([email protected])
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742 ([email protected])
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742 ([email protected])
https://bugzilla.mozilla.org/show_bug.cgi?id=348514 ([email protected])
https://issues.rpath.com/browse/RPL-640 ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9528 ([email protected])
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc (af854a3a-2127-422b-91ae-364da2661108)
http://lcamtuf.coredump.cx/ffoxdie.html (af854a3a-2127-422b-91ae-364da2661108)
http://lcamtuf.coredump.cx/ffoxdie3.html (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21513 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21906 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21915 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21916 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21939 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21940 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21949 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21950 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22001 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22025 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22036 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22055 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22056 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22066 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22074 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22088 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22195 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22210 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22274 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22391 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22422 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24711 (af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-200609-19.xml (af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-200610-01.xml (af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-200610-04.xml (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1016846 (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1016847 (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1016848 (af854a3a-2127-422b-91ae-364da2661108)
http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:168 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:169 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mozilla.org/security/announce/2006/mfsa2006-59.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2006_54_mozilla.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.pianetapc.it/view.php?id=770 URL Repurposed (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2006-0675.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2006-0676.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2006-0677.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.securiteam.com/securitynews/5VP0M0AJFW.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/443020/100/100/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/443306/100/100/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/443500/100/100/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/443528/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/446140/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/447837/100/200/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/447840/100/200/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/448956/100/100/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/448984/100/100/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/449245/100/100/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/449487/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/449726/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/19488 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/19534 (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-350-1 (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-351-1 (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-352-1 (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-354-1 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/3617 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/3748 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/1198 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/0083 (af854a3a-2127-422b-91ae-364da2661108)
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742 (af854a3a-2127-422b-91ae-364da2661108)
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742 (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.mozilla.org/show_bug.cgi?id=348514 (af854a3a-2127-422b-91ae-364da2661108)
https://issues.rpath.com/browse/RPL-640 (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9528 (af854a3a-2127-422b-91ae-364da2661108)