CVE-2006-1724

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to DHTML.

References

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt

http://secunia.com/advisories/19631

http://secunia.com/advisories/19649

http://secunia.com/advisories/19696

http://secunia.com/advisories/19714

http://secunia.com/advisories/19780

http://secunia.com/advisories/19863

http://secunia.com/advisories/19941

http://secunia.com/advisories/21033

http://secunia.com/advisories/21622

http://secunia.com/advisories/22065

http://secunia.com/advisories/22066

http://securitytracker.com/id?1015919

http://securitytracker.com/id?1015920

http://securitytracker.com/id?1015921

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1

http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1

http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm

http://www.debian.org/security/2006/dsa-1046

http://www.debian.org/security/2006/dsa-1051

http://www.kb.cert.org/vuls/id/350262

http://www.mozilla.org/security/announce/2006/mfsa2006-20.html

http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html

http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html

http://www.redhat.com/support/errata/RHSA-2006-0328.html

http://www.redhat.com/support/errata/RHSA-2006-0330.html

http://www.securityfocus.com/archive/1/434524/100/0/threaded

http://www.securityfocus.com/archive/1/436338/100/0/threaded

http://www.securityfocus.com/archive/1/446657/100/200/threaded

http://www.securityfocus.com/archive/1/446658/100/200/threaded

http://www.securityfocus.com/bid/17516

http://www.us-cert.gov/cas/techalerts/TA06-107A.html

http://www.vupen.com/english/advisories/2006/1356

http://www.vupen.com/english/advisories/2006/3748

http://www.vupen.com/english/advisories/2006/3749

http://www.vupen.com/english/advisories/2008/0083

https://bugzilla.mozilla.org/show_bug.cgi?id=282105

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10243

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1901

Details

Source: MITRE

Published: 2006-04-14

Updated: 2018-10-18

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Tenable Plugins

View all (26 total)

IDNameProductFamilySeverity
24403Solaris 9 (sparc) : 120671-08NessusSolaris Local Security Checks
critical
24395Solaris 8 (sparc) : 120671-08NessusSolaris Local Security Checks
critical
23773Solaris 9 (x86) : 120672-08NessusSolaris Local Security Checks
critical
23772Solaris 8 (x86) : 120672-08NessusSolaris Local Security Checks
critical
22987Solaris 10 (x86) : 119116-35 (deprecated)NessusSolaris Local Security Checks
critical
22954Solaris 10 (sparc) : 119115-36 (deprecated)NessusSolaris Local Security Checks
critical
22593Debian DSA-1051-1 : mozilla-thunderbird - several vulnerabilitiesNessusDebian Local Security Checks
critical
22588Debian DSA-1046-1 : mozilla - several vulnerabilitiesNessusDebian Local Security Checks
critical
21994CentOS 4 : thunderbird (CESA-2006:0330)NessusCentOS Local Security Checks
critical
21993CentOS 4 : firefox (CESA-2006:0328)NessusCentOS Local Security Checks
critical
21898CentOS 3 / 4 : mozilla (CESA-2006:0329)NessusCentOS Local Security Checks
critical
21461FreeBSD : mozilla -- multiple vulnerabilities (84630f4a-cd8c-11da-b7b9-000c6ec775d9)NessusFreeBSD Local Security Checks
critical
21288RHEL 4 : thunderbird (RHSA-2006:0330)NessusRed Hat Local Security Checks
critical
21257RHEL 2.1 / 3 / 4 : mozilla (RHSA-2006:0329)NessusRed Hat Local Security Checks
critical
21251Fedora Core 5 : firefox-1.5.0.2-1.1.fc5 (2006-411)NessusFedora Local Security Checks
critical
21250Fedora Core 4 : firefox-1.0.8-1.1.fc4 (2006-410)NessusFedora Local Security Checks
critical
21232RHEL 4 : firefox (RHSA-2006:0328)NessusRed Hat Local Security Checks
critical
21226SeaMonkey < 1.0.1 Multiple VulnerabilitiesNessusWindows
high
21225Firefox < 1.5.0.2 Multiple VulnerabilitiesNessusWindows
high
3516SeaMonkey < 1.0.1 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
3514Mozilla Firefox < 1.7.13 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
3513Mozilla Thunderbird < 1.5.0.2 or 1.0.8 Multiple Vulnerabilities (deprecated)Nessus Network MonitorSMTP Clients
medium
3512Mozilla Firefox < 1.0.8 / 1.5.x < 1.5.0.2 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
801357Mozilla Thunderbird < 1.5.0.2 or 1.0.8 Multiple VulnerabilitiesLog Correlation EngineSMTP Clients
high
801226Mozilla Browser < 1.7.13 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
801220Mozilla Firefox < 1.5.0.2 or 1.0.8 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high