Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that results in a negative array index.
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
http://secunia.com/advisories/19759
http://secunia.com/advisories/19794
http://secunia.com/advisories/19811
http://secunia.com/advisories/19821
http://secunia.com/advisories/19823
http://secunia.com/advisories/19852
http://secunia.com/advisories/19862
http://secunia.com/advisories/19863
http://secunia.com/advisories/19902
http://secunia.com/advisories/19941
http://secunia.com/advisories/19950
http://secunia.com/advisories/20051
http://secunia.com/advisories/21033
http://secunia.com/advisories/21622
http://secunia.com/advisories/22065
http://secunia.com/advisories/22066
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
http://www.debian.org/security/2006/dsa-1044
http://www.debian.org/security/2006/dsa-1046
http://www.debian.org/security/2006/dsa-1051
http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:075
http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
http://www.mandriva.com/security/advisories?name=MDKSA-2006:078
http://www.mozilla.org/security/announce/2006/mfsa2006-27.html
http://www.novell.com/linux/security/advisories/2006_04_25.html
http://www.redhat.com/support/errata/RHSA-2006-0329.html
http://www.redhat.com/support/errata/RHSA-2006-0330.html
http://www.securityfocus.com/archive/1/432103/100/0/threaded
http://www.securityfocus.com/archive/1/436296/100/0/threaded
http://www.securityfocus.com/archive/1/436338/100/0/threaded
http://www.securityfocus.com/archive/1/438730/100/0/threaded
http://www.securityfocus.com/archive/1/446657/100/200/threaded
http://www.securityfocus.com/archive/1/446658/100/200/threaded
http://www.securityfocus.com/bid/17516
http://www.vupen.com/english/advisories/2006/1356
http://www.vupen.com/english/advisories/2006/3391
http://www.vupen.com/english/advisories/2006/3748
http://www.vupen.com/english/advisories/2006/3749
http://www.vupen.com/english/advisories/2008/0083
http://www.zerodayinitiative.com/advisories/ZDI-06-011/
https://exchange.xforce.ibmcloud.com/vulnerabilities/25985
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11164
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1189
OR
cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:preview_release:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
29744 | Firefox < 1.0.8 Multiple Vulnerabilities | Nessus | Windows | high |
24403 | Solaris 9 (sparc) : 120671-08 | Nessus | Solaris Local Security Checks | critical |
24395 | Solaris 8 (sparc) : 120671-08 | Nessus | Solaris Local Security Checks | critical |
23773 | Solaris 9 (x86) : 120672-08 | Nessus | Solaris Local Security Checks | critical |
23772 | Solaris 8 (x86) : 120672-08 | Nessus | Solaris Local Security Checks | critical |
22987 | Solaris 10 (x86) : 119116-35 (deprecated) | Nessus | Solaris Local Security Checks | critical |
22954 | Solaris 10 (sparc) : 119115-36 (deprecated) | Nessus | Solaris Local Security Checks | critical |
22593 | Debian DSA-1051-1 : mozilla-thunderbird - several vulnerabilities | Nessus | Debian Local Security Checks | critical |
22588 | Debian DSA-1046-1 : mozilla - several vulnerabilities | Nessus | Debian Local Security Checks | critical |
22586 | Debian DSA-1044-1 : mozilla-firefox - several vulnerabilities | Nessus | Debian Local Security Checks | critical |
21994 | CentOS 4 : thunderbird (CESA-2006:0330) | Nessus | CentOS Local Security Checks | critical |
21993 | CentOS 4 : firefox (CESA-2006:0328) | Nessus | CentOS Local Security Checks | critical |
21898 | CentOS 3 / 4 : mozilla (CESA-2006:0329) | Nessus | CentOS Local Security Checks | critical |
21351 | GLSA-200605-09 : Mozilla Thunderbird: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | critical |
21321 | Ubuntu 5.04 / 5.10 : mozilla-thunderbird vulnerabilities (USN-276-1) | Nessus | Ubuntu Local Security Checks | critical |
21315 | GLSA-200604-18 : Mozilla Suite: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | critical |
21301 | Ubuntu 4.10 / 5.04 / 5.10 : mozilla vulnerabilities (USN-275-1) | Nessus | Ubuntu Local Security Checks | critical |
21288 | RHEL 4 : thunderbird (RHSA-2006:0330) | Nessus | Red Hat Local Security Checks | critical |
21284 | Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2006:078) | Nessus | Mandriva Local Security Checks | critical |
21282 | Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2006:075) | Nessus | Mandriva Local Security Checks | critical |
21277 | GLSA-200604-12 : Mozilla Firefox: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | critical |
21257 | RHEL 2.1 / 3 / 4 : mozilla (RHSA-2006:0329) | Nessus | Red Hat Local Security Checks | critical |
21232 | RHEL 4 : firefox (RHSA-2006:0328) | Nessus | Red Hat Local Security Checks | critical |
21226 | SeaMonkey < 1.0.1 Multiple Vulnerabilities | Nessus | Windows | high |
21225 | Firefox < 1.5.0.2 Multiple Vulnerabilities | Nessus | Windows | high |
3516 | SeaMonkey < 1.0.1 Multiple Vulnerabilities | Nessus Network Monitor | Web Clients | medium |
3514 | Mozilla Firefox < 1.7.13 Multiple Vulnerabilities | Nessus Network Monitor | Web Clients | medium |
3513 | Mozilla Thunderbird < 1.5.0.2 or 1.0.8 Multiple Vulnerabilities (deprecated) | Nessus Network Monitor | SMTP Clients | medium |
3512 | Mozilla Firefox < 1.0.8 / 1.5.x < 1.5.0.2 Multiple Vulnerabilities | Nessus Network Monitor | Web Clients | medium |
801357 | Mozilla Thunderbird < 1.5.0.2 or 1.0.8 Multiple Vulnerabilities | Log Correlation Engine | SMTP Clients | high |
801226 | Mozilla Browser < 1.7.13 Multiple Vulnerabilities | Log Correlation Engine | Web Clients | high |
801220 | Mozilla Firefox < 1.5.0.2 or 1.0.8 Multiple Vulnerabilities | Log Correlation Engine | Web Clients | high |