CVE-2006-5159 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Mozilla Firefox
3 documents3 sources
Severity
7.5HIGHNVD
EPSS
7.3%
top 8.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 5
Latest updateMay 1
Description
Stack-based buffer overflow in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving JavaScript. NOTE: the vendor and original researchers have released a follow-up comment disputing the severity of this issue, in which the researcher states that "we mentioned that there was a previously known Firefox vulnerability that could result in a stack overflow ending up in remote code execution. However, the code we presented did not in fact do this... I hav…
CVSS vector
AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4
Affected Packages1 packages
🔴Vulnerability Details
1GHSA▶
GHSA-4qvm-8x6x-vhwj: ** DISPUTED ** Stack-based buffer overflow in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving Java↗2022-05-01
📋Vendor Advisories
1Red Hat▶
CVE-2006-5159: Stack-based buffer overflow in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving JavaScript↗