cbcvebase.
CVE-2006-6498
published 2006-12-20

CVE-2006-6498: Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9…

PriorityP424medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
4.29%
89.9th percentile
Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, SeaMonkey before 1.0.7, and Mozilla 1.7 and probably earlier on Solaris, allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown impact and attack vectors.

Affected

50 ranges· showing 25
VendorProductVersion rangeFixed in
debianfirefox< firefox 45.0-1 (sid)firefox 45.0-1 (sid)
debianfirefox-esr< firefox 45.0-1 (sid)firefox 45.0-1 (sid)
mozillafirefox
mozillafirefox
mozillafirefox
mozillafirefox
mozillafirefox
mozillafirefox
mozillafirefox
mozillafirefox
mozillafirefox
mozillafirefox
mozillamozilla
mozillaseamonkey
mozillaseamonkey
mozillaseamonkey
mozillaseamonkey
mozillaseamonkey
mozillaseamonkey
mozillaseamonkey
mozillathunderbird
mozillathunderbird
mozillathunderbird
mozillathunderbird
mozillathunderbird

CVSS provenance

nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_debian6.8HIGH
vendor_redhat6.8MEDIUM
vendor_ubuntu6.8MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.