Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-0295 — Out-of-bounds Write in Firefox

9 documents7 sources

Severity

5.1MEDIUMNVD

EPSS

83.4%

top 0.72%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Mozilla Thunderbird Debian Firefox Debian Thunderbird +2 more

Timeline

PublishedFeb 2

Latest updateMay 1

Description

Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the QueryInterface method of the built-in Location and Navigator objects, which leads to memory corruption.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages6 packages

▶Debianmozilla/thunderbird< 1.5.0.2-1+3

▶NVDmozilla/firefox1.5

▶NVDmozilla/seamonkey1.0

▶NVDmozilla/thunderbird1.5

▶debiandebian/firefox< firefox 1.5.dfsg+1.5.0.1-1 (sid)

Patches

Patch: bugzilla.mozilla.org ↗Patch: bugzilla.mozilla.org ↗

🔴Vulnerability Details

GHSA

GHSA-ggv2-xg5v-qq68: Mozilla Firefox 1↗2022-05-01

▶

OSV

CVE-2006-0295: Mozilla Firefox 1↗2006-02-02

▶

💥Exploits & PoCs

Exploit-DB

Mozilla Firefox - location.QueryInterface() Code Execution (Metasploit)↗2010-09-20

▶

Exploit-DB

Mozilla Firefox 1.5 (OSX) - 'location.QueryInterface()' Code Execution (Metasploit)↗2006-02-08

▶

Exploit-DB

Mozilla Firefox 1.5 (Linux) - 'location.QueryInterface()' Code Execution (Metasploit)↗2006-02-07

▶

Metasploit

Firefox location.QueryInterface() Code Execution↗

▶

📋Vendor Advisories

Debian

CVE-2006-0295: firefox - Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMo...↗2006

▶

💬Community

Bugzilla

CVE-2005-4134, CVE-2006-0292, CVE-2006-0296 critical mozilla vulnerabilities↗2006-02-04

▶