CVE-2006-4310
published 2006-08-23CVE-2006-4310: Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FTP response, when attempting to connect with a username and…
PriorityP420medium4.3CVSS 2.0
AVNACMAuNCNINAP
EXPLOIT
EPSS
5.83%
92.2th percentile
Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FTP response, when attempting to connect with a username and password via the FTP URI.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 45.0-1 (sid) | firefox 45.0-1 (sid) |
| debian | firefox-esr | < firefox 45.0-1 (sid) | firefox 45.0-1 (sid) |
| mozilla | firefox | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM
vendor_debian4.3MEDIUM
vendor_redhat4.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-39vq-3f5w-q742: Mozilla Firefox 1
ghsa_unreviewed·2022-05-01
CVE-2006-4310 [MEDIUM] CWE-20 GHSA-39vq-3f5w-q742: Mozilla Firefox 1
Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FTP response, when attempting to connect with a username and password via the FTP URI.
OSV
CVE-2006-4310: Mozilla Firefox 1
osv·2006-08-23·CVSS 4.3
CVE-2006-4310 [MEDIUM] CVE-2006-4310: Mozilla Firefox 1
Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FTP response, when attempting to connect with a username and password via the FTP URI.
Debian
CVE-2006-4310: firefox - Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of service (cr...
vendor_debian·2006·CVSS 4.3
CVE-2006-4310 [MEDIUM] CVE-2006-4310: firefox - Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of service (cr...
Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FTP response, when attempting to connect with a username and password via the FTP URI.
Scope: local
sid: resolved (fixed in 45.0-1)
Red Hat
CVE-2006-4310: Mozilla Firefox 1
vendor_redhat·CVSS 4.3
CVE-2006-4310 [MEDIUM] CVE-2006-4310: Mozilla Firefox 1
Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FTP response, when attempting to connect with a username and password via the FTP URI.
Statement: Red Hat does not consider this flaw a security issue. This flaw is the result of a NULL pointer dereference, which is not exploitable and can only cause a client crash.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/23197http://secunia.com/advisories/23202http://secunia.com/advisories/23235http://securityreason.com/securityalert/1444http://www.debian.org/security/2006/dsa-1224http://www.debian.org/security/2006/dsa-1225http://www.debian.org/security/2006/dsa-1227http://www.securityfocus.com/archive/1/444064/100/0/threadedhttp://www.securityfocus.com/bid/19678http://secunia.com/advisories/23197http://secunia.com/advisories/23202http://secunia.com/advisories/23235http://securityreason.com/securityalert/1444http://www.debian.org/security/2006/dsa-1224http://www.debian.org/security/2006/dsa-1225http://www.debian.org/security/2006/dsa-1227http://www.securityfocus.com/archive/1/444064/100/0/threadedhttp://www.securityfocus.com/bid/19678
2006-08-23
Published