cbcvebase.
CVE-2006-1993
published 2006-04-25

CVE-2006-1993: Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain…

PriorityP340medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EXPLOIT
EPSS
51.35%
98.8th percentile
Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain Javascript that is not properly handled by the contentWindow.focus method in an iframe, which causes a reference to a deleted controller context object. NOTE: this was originally claimed to be a buffer overflow in (1) js320.dll and (2) xpcom_core.dll, but the vendor disputes this claim.

Affected

2 ranges
VendorProductVersion rangeFixed in
debianfirefox< firefox 1.5.dfsg+1.5.0.3-1 (sid)firefox 1.5.dfsg+1.5.0.3-1 (sid)
mozillafirefox

Detection & IOCsextracted from sources · hover to see the quote

filenamejs320.dll
filenamexpcom_core.dll
versionMozilla Firefox 1.5.0.2
  • Trigger condition requires designMode to be enabled in the browser; monitor for iframe-based JS invoking contentWindow.focus() while designMode is active
  • Exploitation results in a use-after-free/dangling reference to a deleted controller context object — crash telemetry or access violations in js320.dll or xpcom_core.dll on Firefox 1.5.0.2 are indicative
  • ·Vulnerability is only exploitable when designMode is enabled in the target browsing context; not exploitable in default browser configurations
  • ·The buffer overflow characterisation of js320.dll and xpcom_core.dll is disputed by the vendor; the actual root cause is a dangling reference to a deleted controller context object
  • ·Fixed in Debian package version 1.5.dfsg+1.5.0.3-1; upstream fix is Firefox 1.5.0.3

CVSS provenance

nvdv2.05.1MEDIUMAV:N/AC:H/Au:N/C:P/I:P/A:P
vendor_debian5.1HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.