Description The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption.
CVSS vector AV:N/AC:L/C:N/I:P/A:N Exploitability: 10.0 | Impact: 2.9 Complexity: Low
Confidentiality: None
Availability: None
Affected Packages5 packages
🔴 Vulnerability Details3 GHSA GHSA-7mq9-p447-2gr2: The JavaScript engine in Mozilla Firefox and Thunderbird 1 ↗ 2022-05-03 ▶ CVEList CVE-2006-1742: The JavaScript engine in Mozilla Firefox and Thunderbird 1 ↗ 2006-04-14 ▶ OSV CVE-2006-1742: The JavaScript engine in Mozilla Firefox and Thunderbird 1 ↗ 2006-04-14 ▶
📋 Vendor Advisories5 Ubuntu Thunderbird vulnerabilities ↗ 2006-05-03 ▶ Ubuntu Mozilla vulnerabilities ↗ 2006-04-28 ▶ Ubuntu Firefox vulnerabilities ↗ 2006-04-20 ▶ Debian CVE-2006-1742: firefox - The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.... ↗ 2006 ▶
💬 Community7 Bugzilla CVE-2006-1742 security flaw ↗ 2018-08-16 ▶ Bugzilla CVE-2006-1742 JavaScript garbage-collection hazard audit ↗ 2006-04-13 ▶ Bugzilla CVE-2006-1742 JavaScript garbage-collection hazard audit ↗ 2006-04-13 ▶ Bugzilla CVE-2006-1742 JavaScript garbage-collection hazard audit ↗ 2006-04-13 ▶ Bugzilla CVE-2006-1742 JavaScript garbage-collection hazard audit ↗ 2006-04-13 ▶ Show 2 more