Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2006-6498

Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, SeaMonkey before 1.0.7, and Mozilla 1.7 and probably earlier on Solaris, allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown impact and attack vectors.

Published

2006-12-20T01:28:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 6.8 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

8.6

Impact Score

6.4

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	mozilla	firefox	1.5	Yes
Application	mozilla	firefox	1.5.0.1	Yes
Application	mozilla	firefox	1.5.0.2	Yes
Application	mozilla	firefox	1.5.0.3	Yes
Application	mozilla	firefox	1.5.0.4	Yes
Application	mozilla	firefox	1.5.0.5	Yes
Application	mozilla	firefox	1.5.0.6	Yes
Application	mozilla	firefox	1.5.0.7	Yes
Application	mozilla	firefox	1.5.0.8	Yes
Application	mozilla	firefox	2.0	Yes
Application	mozilla	mozilla	1.7	Yes
Application	mozilla	thunderbird	0.1	Yes
Application	mozilla	thunderbird	0.2	Yes
Application	mozilla	thunderbird	0.3	Yes
Application	mozilla	thunderbird	0.4	Yes
Application	mozilla	thunderbird	0.5	Yes
Application	mozilla	thunderbird	0.6	Yes
Application	mozilla	thunderbird	0.7	Yes
Application	mozilla	thunderbird	0.7.1	Yes
Application	mozilla	thunderbird	0.7.2	Yes
Application	mozilla	thunderbird	0.7.3	Yes
Application	mozilla	thunderbird	0.8	Yes
Application	mozilla	thunderbird	0.9	Yes
Application	mozilla	thunderbird	1.0	Yes
Application	mozilla	thunderbird	1.0.1	Yes
Application	mozilla	thunderbird	1.0.2	Yes
Application	mozilla	thunderbird	1.0.3	Yes
Application	mozilla	thunderbird	1.0.4	Yes
Application	mozilla	thunderbird	1.0.5	Yes
Application	mozilla	thunderbird	1.0.6	Yes
Application	mozilla	thunderbird	1.0.7	Yes
Application	mozilla	thunderbird	1.0.8	Yes
Application	mozilla	thunderbird	1.5	Yes
Application	mozilla	thunderbird	1.5.0.1	Yes
Application	mozilla	thunderbird	1.5.0.2	Yes
Application	mozilla	thunderbird	1.5.0.3	Yes
Application	mozilla	thunderbird	1.5.0.4	Yes
Application	mozilla	thunderbird	1.5.0.5	Yes
Application	mozilla	thunderbird	1.5.0.6	Yes
Application	mozilla	thunderbird	1.5.0.7	Yes
Application	mozilla	thunderbird	1.5.0.8	Yes
Application	mozilla	seamonkey	1.0	Yes
Application	mozilla	seamonkey	1.0.1	Yes
Application	mozilla	seamonkey	1.0.2	Yes
Application	mozilla	seamonkey	1.0.3	Yes
Application	mozilla	seamonkey	1.0.4	Yes
Application	mozilla	seamonkey	1.0.5	Yes
Application	mozilla	seamonkey	1.0.6	Yes

References

ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc ([email protected])
http://fedoranews.org/cms/node/2297 ([email protected])
http://fedoranews.org/cms/node/2338 ([email protected])
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 ([email protected])
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 ([email protected])
http://rhn.redhat.com/errata/RHSA-2006-0758.html Vendor Advisory ([email protected])
http://rhn.redhat.com/errata/RHSA-2006-0759.html Vendor Advisory ([email protected])
http://rhn.redhat.com/errata/RHSA-2006-0760.html Vendor Advisory ([email protected])
http://secunia.com/advisories/23282 Vendor Advisory ([email protected])
http://secunia.com/advisories/23420 Vendor Advisory ([email protected])
http://secunia.com/advisories/23422 Vendor Advisory ([email protected])
http://secunia.com/advisories/23433 Vendor Advisory ([email protected])
http://secunia.com/advisories/23439 Vendor Advisory ([email protected])
http://secunia.com/advisories/23440 Vendor Advisory ([email protected])
http://secunia.com/advisories/23468 Vendor Advisory ([email protected])
http://secunia.com/advisories/23514 Vendor Advisory ([email protected])
http://secunia.com/advisories/23545 Vendor Advisory ([email protected])
http://secunia.com/advisories/23589 Vendor Advisory ([email protected])
http://secunia.com/advisories/23591 Vendor Advisory ([email protected])
http://secunia.com/advisories/23601 Vendor Advisory ([email protected])
http://secunia.com/advisories/23614 Vendor Advisory ([email protected])
http://secunia.com/advisories/23618 Vendor Advisory ([email protected])
http://secunia.com/advisories/23672 Vendor Advisory ([email protected])
http://secunia.com/advisories/23692 Vendor Advisory ([email protected])
http://secunia.com/advisories/23988 Vendor Advisory ([email protected])
http://secunia.com/advisories/24078 Vendor Advisory ([email protected])
http://secunia.com/advisories/24390 Vendor Advisory ([email protected])
http://secunia.com/advisories/25556 Vendor Advisory ([email protected])
http://security.gentoo.org/glsa/glsa-200701-02.xml ([email protected])
http://securitytracker.com/id?1017398 ([email protected])
http://securitytracker.com/id?1017405 ([email protected])
http://securitytracker.com/id?1017406 ([email protected])
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102955-1 ([email protected])
http://www.debian.org/security/2007/dsa-1253 ([email protected])
http://www.debian.org/security/2007/dsa-1258 ([email protected])
http://www.debian.org/security/2007/dsa-1265 ([email protected])
http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml ([email protected])
http://www.kb.cert.org/vuls/id/427972 US Government Resource ([email protected])
http://www.kb.cert.org/vuls/id/447772 US Government Resource ([email protected])
http://www.mozilla.org/security/announce/2006/mfsa2006-68.html ([email protected])
http://www.novell.com/linux/security/advisories/2006_80_mozilla.html ([email protected])
http://www.novell.com/linux/security/advisories/2007_06_mozilla.html ([email protected])
http://www.securityfocus.com/archive/1/455145/100/0/threaded ([email protected])
http://www.securityfocus.com/archive/1/455728/100/200/threaded ([email protected])
http://www.securityfocus.com/bid/21668 ([email protected])
http://www.ubuntu.com/usn/usn-398-1 ([email protected])
http://www.ubuntu.com/usn/usn-398-2 ([email protected])
http://www.ubuntu.com/usn/usn-400-1 ([email protected])
http://www.us-cert.gov/cas/techalerts/TA06-354A.html US Government Resource ([email protected])
http://www.vupen.com/english/advisories/2006/5068 ([email protected])
http://www.vupen.com/english/advisories/2007/2106 ([email protected])
http://www.vupen.com/english/advisories/2008/0083 ([email protected])
https://issues.rpath.com/browse/RPL-883 ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10661 ([email protected])
ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc (af854a3a-2127-422b-91ae-364da2661108)
http://fedoranews.org/cms/node/2297 (af854a3a-2127-422b-91ae-364da2661108)
http://fedoranews.org/cms/node/2338 (af854a3a-2127-422b-91ae-364da2661108)
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 (af854a3a-2127-422b-91ae-364da2661108)
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 (af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2006-0758.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2006-0759.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2006-0760.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23282 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23420 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23422 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23433 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23439 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23440 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23468 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23514 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23545 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23589 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23591 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23601 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23614 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23618 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23672 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23692 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23988 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24078 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24390 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/25556 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-200701-02.xml (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1017398 (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1017405 (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1017406 (af854a3a-2127-422b-91ae-364da2661108)
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102955-1 (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2007/dsa-1253 (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2007/dsa-1258 (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2007/dsa-1265 (af854a3a-2127-422b-91ae-364da2661108)
http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml (af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/427972 US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/447772 US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.mozilla.org/security/announce/2006/mfsa2006-68.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2006_80_mozilla.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2007_06_mozilla.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/455145/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/455728/100/200/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/21668 (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-398-1 (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-398-2 (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-400-1 (af854a3a-2127-422b-91ae-364da2661108)
http://www.us-cert.gov/cas/techalerts/TA06-354A.html US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/5068 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/2106 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/0083 (af854a3a-2127-422b-91ae-364da2661108)
https://issues.rpath.com/browse/RPL-883 (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10661 (af854a3a-2127-422b-91ae-364da2661108)