CVE-2006-5633
Published 2006-10-31
Priority P4 · 21 · medium · 5 · CVSS 2.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
EXPLOIT
EPSS: 6.86% (93.2th percentile)
Firefox 1.5.0.7 and 2.0, and Seamonkey 1.1b, allows remote attackers to cause a denial of service (crash) by creating a range object using createRange, calling selectNode on a DocType node (DOCUMENT_TYPE_NODE), then calling createContextualFragment on the range, which triggers a null dereference. NOTE: the original Bugtraq post mentioned that code execution was possible, but followup analysis has shown that it is only a null dereference.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 45.0-1 (sid) | firefox 45.0-1 (sid) |
| debian | firefox-esr | < firefox 45.0-1 (sid) | firefox 45.0-1 (sid) |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | seamonkey | — | — |
CVSS provenance
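| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| osv | — | 5.0 | MEDIUM | — |
| vendor_debian | — | 5.0 | LOW | — |
| vendor_redhat | — | 5.0 | MEDIUM | — |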
VulDB
Mozilla Seamonkey 1.1 denial of service (Bug 213237 / EDB-2695)
vuldb·2026-04-26·CVSS 5.0
CVE-2006-5633 [MEDIUM] Mozilla Seamonkey 1.1 denial of service (Bug 213237 / EDB-2695)
A vulnerability classified as problematic was found in Mozilla Seamonkey 1.1. Affected is an unknown function. The manipulation results in denial of service.
This vulnerability is cataloged as CVE-2006-5633. The attack may be launched remotely. Furthermore, there is an exploit available.
GHSA
GHSA-vwr8-5r39-5qmj: Firefox 1
ghsa_unreviewed·2022-05-01
CVE-2006-5633 [MEDIUM] GHSA-vwr8-5r39-5qmj: Firefox 1
OSV
CVE-2006-5633: Firefox 1
osv·2006-10-31·CVSS 5.0
CVE-2006-5633 [MEDIUM] CVE-2006-5633: Firefox 1
Debian
CVE-2006-5633: firefox - Firefox 1.5.0.7 and 2.0, and Seamonkey 1.1b, allows remote attackers to cause a ...
vendor_debian·2006·CVSS 5.0
CVE-2006-5633 [MEDIUM] CVE-2006-5633: firefox - Firefox 1.5.0.7 and 2.0, and Seamonkey 1.1b, allows remote attackers to cause a ...
Scope: local
sid: resolved (fixed in 45.0-1)
Red Hat
CVE-2006-5633: Firefox 1
vendor_redhat·CVSS 5.0
CVE-2006-5633 [MEDIUM] CVE-2006-5633: Firefox 1
Statement: Red Hat does not consider a user-assisted crash of a client application such as Firefox to be a security issue.
No detection rules found.
No writeups or analysis indexed.
http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050416.html
http://www.gotfault.net/research/advisory/gadv-firefox.txt
http://www.securityfocus.com/archive/1/450155/100/0/threaded
http://www.securityfocus.com/archive/1/450167/100/0/threaded
http://www.securityfocus.com/archive/1/450168/100/0/threaded
http://www.securityfocus.com/archive/1/450682/100/200/threaded
http://www.securityfocus.com/archive/1/452803/100/0/threaded
http://www.securityfocus.com/bid/20799
https://bugzilla.mozilla.org/show_bug.cgi?id=358797
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=213237
https://exchange.xforce.ibmcloud.com/vulnerabilities/29916
Published: 2006-10-31