CVE-2006-0294

HIGH

Description

Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 allow remote attackers to execute arbitrary code by changing an element's style from position:relative to position:static, which causes Gecko to operate on freed memory.

References

http://secunia.com/advisories/18700

http://secunia.com/advisories/18704

http://secunia.com/advisories/22065

http://securitytracker.com/id?1015570

http://www.mozilla.org/security/announce/2006/mfsa2006-02.html

http://www.securityfocus.com/archive/1/446657/100/200/threaded

http://www.securityfocus.com/bid/16476

http://www.vupen.com/english/advisories/2006/0413

http://www.vupen.com/english/advisories/2006/3749

https://bugzilla.mozilla.org/show_bug.cgi?id=317934

https://exchange.xforce.ibmcloud.com/vulnerabilities/24431

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1514

Details

Source: MITRE

Published: 2006-02-02

Updated: 2018-10-19

Type: NVD-CWE-Other

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.6:*:linux:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*

Tenable Plugins

View all (19 total)

ID	Name	Product	Family	Severity
24403	Solaris 9 (sparc) : 120671-08	Nessus	Solaris Local Security Checks	critical
24395	Solaris 8 (sparc) : 120671-08	Nessus	Solaris Local Security Checks	critical
23773	Solaris 9 (x86) : 120672-08	Nessus	Solaris Local Security Checks	critical
23772	Solaris 8 (x86) : 120672-08	Nessus	Solaris Local Security Checks	critical
22987	Solaris 10 (x86) : 119116-35 (deprecated)	Nessus	Solaris Local Security Checks	critical
22954	Solaris 10 (sparc) : 119115-36 (deprecated)	Nessus	Solaris Local Security Checks	critical
20863	SeaMonkey < 1.0 Multiple Vulnerabilities	Nessus	Windows	high
20842	Firefox < 1.5.0.1 Multiple Vulnerabilities	Nessus	Windows	high
3405	Mozilla Firefox < 1.5.0.1 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	medium
3258	Mozilla Thunderbird < 1.5 Multiple Vulnerabilities (deprecated)	Nessus Network Monitor	SMTP Clients	medium
3516	SeaMonkey < 1.0.1 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	medium
3514	Mozilla Firefox < 1.7.13 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	medium
3513	Mozilla Thunderbird < 1.5.0.2 or 1.0.8 Multiple Vulnerabilities (deprecated)	Nessus Network Monitor	SMTP Clients	medium
3512	Mozilla Firefox < 1.0.8 / 1.5.x < 1.5.0.2 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	medium
801357	Mozilla Thunderbird < 1.5.0.2 or 1.0.8 Multiple Vulnerabilities	Log Correlation Engine	SMTP Clients	high
801290	Mozilla Thunderbird < 1.5 Multiple Vulnerabilities	Log Correlation Engine	SMTP Clients	high
801243	Mozilla Firefox < 1.5.0.1 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
801226	Mozilla Browser < 1.7.13 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
801220	Mozilla Firefox < 1.5.0.2 or 1.0.8 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high