Computer Security
[EN] securityvulns.ru no-pyccku


Multiple Mozilla / Firefox / Seamonkey / Thunderbird security vulnerabilities
updated since 27.07.2006
Published:02.08.2006
Source:
SecurityVulns ID:6414
Type:client
Threat Level:
9/10
Description:Multiple vulnerabilities allow unrestricted code execution. Can be used for hidden malware installation.
Affected:MOZILLA : Thunderbird 1.0
 NETSCAPE : Netscape 8.1
 MOZILLA : Firefox 1.5
 MOZILLA : Seamonkey 1.0
 KMELEON : K-Meleon 1.0
 FLOCK : Flock 0.7
CVE:CVE-2006-6956 (Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via a web page that contains a large number of nested marquee tags, a related issue to CVE-2006-2723.)
 CVE-2006-6955 (Opera allows remote attackers to cause a denial of service (application crash) via a web page that contains a large number of nested marquee tags, a related issue to CVE-2006-2723.)
 CVE-2006-6954 (Flock beta 1 0.7 allows remote attackers to cause a denial of service (application crash) via a web page that contains a large number of nested marquee tags, a related issue to CVE-2006-2723.)
 CVE-2006-2723 (Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service (crash) via a web page that contains a large number of nested marquee tags. NOTE: a followup post indicated that the initial report could not be verified.)
Original documentdocumentJuha-Matti Laurio, Netscape/K-Meleon/Flock JavaScript navigator Vulnerability (02.08.2006)
 documentCERT, US-CERT Technical Cyber Security Alert TA06-208A -- Mozilla Products Contain Multiple Vulnerabilities (28.07.2006)
 documentSECUNIA, [Full-disclosure] Secunia Research: Mozilla Firefox XPCOM Event Handling Memory Corruption (27.07.2006)
 documentUBUNTU, [USN-323-1] mozilla vulnerabilities (27.07.2006)
 documentUBUNTU, [USN-297-3] Thunderbird vulnerabilities (27.07.2006)
 documentSECUNIA, [SA19873] Mozilla Firefox Multiple Vulnerabilities (27.07.2006)
 documentZDI, [Full-disclosure] ZDI-06-025: Mozilla Firefox Javascript navigator Object Vulnerability (27.07.2006)
Files:Firefox <= 1.5.0.4 Javascript navigator Object Code Execution PoC

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod