CVE-2006-0749
🔴 Łataj teraz
Błąd w nsHTMLContentSink.cpp w Firefox i Thunderbird umożliwia zdalne wywołanie awarii i potencjalne wykonanie kodu.
CVSS
9.3
EPSS
31.1%
Exploit
none
Vendor
mozilla
Opis źródłowy (NVD)
nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a "particular sequence of HTML tags" that leads to memory corruption.
dos
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 9.3 |
| CISA KEV (aktywnie wykorzystywane) | Nie |
| FIRST EPSS (prawdopodobieństwo exploita) | 31.1% |
| Opublikowano (NVD) | 2006-04-14 10:02:00 UTC |
| Ostatnia modyfikacja (NVD) | 2026-04-16 21:08:36 UTC |
Referencje
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt (secalert@redhat.com) [Third Party Advisory]
- ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc (secalert@redhat.com) [Broken Link]
- http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html (secalert@redhat.com) [Broken Link]
- http://secunia.com/advisories/19631 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/19696 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/19714 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/19721 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/19729 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/19746 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/19759 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/19780 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/19794 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/19811 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/19821 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/19823 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/19852 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/19862 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/19863 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/19902 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/19941 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/19950 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/20051 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/21033 (secalert@redhat.com) [Third Party Advisory]
- http://secunia.com/advisories/21622 (secalert@redhat.com) [Third Party Advisory]
- http://securityreason.com/securityalert/729 (secalert@redhat.com) [Third Party Advisory]
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1 (secalert@redhat.com) [Broken Link]
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1 (secalert@redhat.com) [Broken Link]
- http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm (secalert@redhat.com) [Third Party Advisory]
- http://www.debian.org/security/2006/dsa-1044 (secalert@redhat.com) [Third Party Advisory]
- http://www.debian.org/security/2006/dsa-1046 (secalert@redhat.com) [Third Party Advisory]
- http://www.debian.org/security/2006/dsa-1051 (secalert@redhat.com) [Third Party Advisory]
- http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml (secalert@redhat.com) [Third Party Advisory]
- http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml (secalert@redhat.com) [Third Party Advisory]
- http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml (secalert@redhat.com) [Third Party Advisory]
- http://www.kb.cert.org/vuls/id/736934 (secalert@redhat.com) [Third Party Advisory, US Government Resource]
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:075 (secalert@redhat.com) [Third Party Advisory]
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:076 (secalert@redhat.com) [Third Party Advisory]
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:078 (secalert@redhat.com) [Third Party Advisory]
- http://www.mozilla.org/security/announce/2006/mfsa2006-18.html (secalert@redhat.com) [Vendor Advisory]
- http://www.novell.com/linux/security/advisories/2006_04_25.html (secalert@redhat.com) [Broken Link]
- http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html (secalert@redhat.com) [Third Party Advisory]
- http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html (secalert@redhat.com) [Third Party Advisory]
- http://www.redhat.com/support/errata/RHSA-2006-0328.html (secalert@redhat.com) [Third Party Advisory]
- http://www.redhat.com/support/errata/RHSA-2006-0329.html (secalert@redhat.com) [Third Party Advisory]
- http://www.redhat.com/support/errata/RHSA-2006-0330.html (secalert@redhat.com) [Third Party Advisory]
- http://www.securityfocus.com/archive/1/431126/100/0/threaded (secalert@redhat.com) [Broken Link]
- http://www.securityfocus.com/archive/1/434524/100/0/threaded (secalert@redhat.com) [Broken Link]
- http://www.securityfocus.com/archive/1/436296/100/0/threaded (secalert@redhat.com) [Broken Link]
- http://www.securityfocus.com/archive/1/436338/100/0/threaded (secalert@redhat.com) [Broken Link]
- http://www.securityfocus.com/archive/1/438730/100/0/threaded (secalert@redhat.com) [Broken Link]
- http://www.securityfocus.com/bid/17516 (secalert@redhat.com) [Third Party Advisory, VDB Entry]
- http://www.us-cert.gov/cas/techalerts/TA06-107A.html (secalert@redhat.com) [Third Party Advisory, US Government Resource]
- http://www.vupen.com/english/advisories/2006/1356 (secalert@redhat.com) [Permissions Required, Third Party Advisory]
- http://www.vupen.com/english/advisories/2006/3391 (secalert@redhat.com) [Permissions Required, Third Party Advisory]
- http://www.zerodayinitiative.com/advisories/ZDI-06-009.html (secalert@redhat.com) [Third Party Advisory, VDB Entry]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25819 (secalert@redhat.com) [Third Party Advisory, VDB Entry]
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11704 (secalert@redhat.com) [Third Party Advisory]
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1848 (secalert@redhat.com) [Third Party Advisory]
- https://usn.ubuntu.com/271-1/ (secalert@redhat.com) [Broken Link]
- https://usn.ubuntu.com/275-1/ (secalert@redhat.com) [Broken Link]
- https://usn.ubuntu.com/276-1/ (secalert@redhat.com) [Broken Link]