CVE-2006-6499
published 2006-12-20CVE-2006-6499: The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory…
PriorityP415medium4.3CVSS 2.0
AVNACMAuNCNINAP
EPSS
3.72%
88.5th percentile
The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | firefox | < firefox 45.0-1 (sid) | firefox 45.0-1 (sid) |
| debian | firefox-esr | < firefox 45.0-1 (sid) | firefox 45.0-1 (sid) |
| mozilla | firefox | >= 1.5 < 1.5.0.9 | 1.5.0.9 |
| mozilla | firefox | >= 2.0 < 2.0.0.1 | 2.0.0.1 |
| mozilla | seamonkey | < 1.0.7 | 1.0.7 |
| mozilla | thunderbird | < 1.5.0.9 | 1.5.0.9 |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM
vendor_ubuntu6.8MEDIUM
vendor_debian4.3HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Firefox regression
vendor_ubuntu·2007-01-27·CVSS 6.8
[MEDIUM] Firefox regression
Title: Firefox regression
Summary: Firefox regression
USN-398-2 fixed vulnerabilities in Firefox 1.5. However, when
auto-filling saved-password login forms without a username field,
Firefox would crash. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Various flaws have been reported that allow an attacker to execute
arbitrary code with user privileges by tricking the user into opening
a malicious web page containing JavaScript or SVG. (CVE-2006-6497,
CVE-2006-6498, CVE-2006-6499, CVE-2006-6501, CVE-2006-6502,
CVE-2006-6504)
Various flaws have been reported that allow an attacker to bypass
Firefox's internal XSS protections by tricking the user into opening a
malicious web page containing JavaScript. (CVE-2006-6503)
Instructions: After a
Ubuntu
Thunderbird vulnerabilities
vendor_ubuntu·2007-01-05·CVSS 6.8
CVE-2006-6505 [MEDIUM] Thunderbird vulnerabilities
Title: Thunderbird vulnerabilities
Summary: Thunderbird vulnerabilities
Georgi Guninski and David Bienvenu discovered that long Content-Type and
RFC2047-encoded headers we vulnerable to heap overflows. By tricking
the user into opening a specially crafted email, an attacker could
execute arbitrary code with user privileges. (CVE-2006-6506)
Various flaws have been reported that allow an attacker to execute
arbitrary code with user privileges or bypass internal XSS protections
by tricking the user into opening a malicious email containing
JavaScript. Please note that JavaScript is disabled by default for
emails, and it is not recommended to enable it. (CVE-2006-6497,
CVE-2006-6498, CVE-2006-6499, CVE-2006-6501, CVE-2006-6502,
CVE-2006-6503)
Instructions: After a standard system upgrade y
Ubuntu
Firefox vulnerabilities
vendor_ubuntu·2007-01-03·CVSS 6.8
CVE-2006-6504 [MEDIUM] Firefox vulnerabilities
Title: Firefox vulnerabilities
Summary: Firefox vulnerabilities
USN-398-1 fixed vulnerabilities in Firefox 2.0. This update provides
the corresponding updates for Firefox 1.5.
Various flaws have been reported that allow an attacker to execute
arbitrary code with user privileges by tricking the user into opening
a malicious web page containing JavaScript or SVG. (CVE-2006-6497,
CVE-2006-6498, CVE-2006-6499, CVE-2006-6501, CVE-2006-6502,
CVE-2006-6504)
Various flaws have been reported that allow an attacker to bypass
Firefox's internal XSS protections by tricking the user into opening a
malicious web page containing JavaScript. (CVE-2006-6503)
Instructions: After a standard system upgrade you need to restart Firefox to effect
the necessary changes.
Ubuntu
Firefox vulnerabilities
vendor_ubuntu·2007-01-03·CVSS 6.8
CVE-2006-6506 [MEDIUM] Firefox vulnerabilities
Title: Firefox vulnerabilities
Summary: Firefox vulnerabilities
Various flaws have been reported that allow an attacker to execute
arbitrary code with user privileges by tricking the user into opening
a malicious web page containing JavaScript or SVG. (CVE-2006-6497,
CVE-2006-6498, CVE-2006-6499, CVE-2006-6501, CVE-2006-6502,
CVE-2006-6504)
Various flaws have been reported that allow an attacker to bypass
Firefox's internal XSS protections by tricking the user into opening a
malicious web page containing JavaScript. (CVE-2006-6503,
CVE-2006-6507)
Jared Breland discovered that the "Feed Preview" feature could leak
referrer information to remote servers. (CVE-2006-6506)
Instructions: After a standard system upgrade you need to restart Firefox to effect
the necessary changes.
Debian
CVE-2006-6499: firefox - The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9...
vendor_debian·2006·CVSS 4.3
CVE-2006-6499 [MEDIUM] CVE-2006-6499: firefox - The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9...
The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision.
Scope: local
sid: resolved (fixed in 45.0-1)
GHSA
GHSA-636h-f5g9-p45x: The js_dtoa function in Mozilla Firefox 2
ghsa_unreviewed·2022-05-01
CVE-2006-6499 [MEDIUM] CWE-835 GHSA-636h-f5g9-p45x: The js_dtoa function in Mozilla Firefox 2
The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision.
OSV
CVE-2006-6499: The js_dtoa function in Mozilla Firefox 2
osv·2006-12-20·CVSS 4.3
CVE-2006-6499 [MEDIUM] CVE-2006-6499: The js_dtoa function in Mozilla Firefox 2
The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision.
No detection rules found.
No public exploits indexed.
arXiv
On managing vulnerabilities in AI/ML systems
arxiv_fulltext·2021-01-22
On managing vulnerabilities in AI/ML systems
On managing vulnerabilities in AI/ML systems
Jonathan M. Spring
jspring AT sei dot cmu dot edu
0000-0001-9356-219X
CERT Coordination Center\ Engineering Institute\ Mellon University
Pittsburgh
PA
15213
April Galyardt
Software Engineering Institute\ Mellon University
Pittsburgh
PA
15213
Allen D. Householder
0000-0001-8970-4108
CERT Coordination Center\ Engineering Institute\ Mellon University
Pittsburgh
PA
15213
Nathan VanHoudnos
Software Engineering Institute\ Mellon University
Pittsburgh
PA
15213
Spring, Galyardt, Householder, and VanHoudnos
## Abstract
This paper explores how the current paradigm of vulnerability management might adapt to include machine learning systems through a
thought experiment: what if flaws in *ML were assigned *CVE-ID?
We consider both *ML algorithms a
Bugzilla
seamonkey < 1.0.7 multiple vulnerabilities
bugzilla·2006-12-21·CVSS 6.8
CVE-2006-6497 [MEDIUM] seamonkey < 1.0.7 multiple vulnerabilities
seamonkey < 1.0.7 multiple vulnerabilities
Vulnerabilities reported against seamonkey < 1.0.7:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6497
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6498
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6499
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6501
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6502
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6503
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6505
All FE4+ releases have < 1.0.7 at the moment.
By the way, seamonkey's CVS and package repository availability needs fixing,
the FC-5 branch in Extras CVS has been marked as dead with a comment that
seamonkey will be imported as a FC-5 (Core) update, b
CWE
Excessive Iteration
mitre_cwe
CWE-834 Excessive Iteration
CWE-834: Excessive Iteration
The product performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.
If the iteration can be influenced by an attacker, this weakness could allow attackers to consume excessive resources such as CPU or memory. In many cases, a loop does not need to be infinite in order to cause enough resource consumption to adversely affect the product or its host system; it depends on the amount of resources consumed per iteration.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Availability. Impact: DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory), DoS: Amplification, DoS: Crash, Exit, or Restart. Excessive looping will cause unexpected consumption of resources, such as CPU cycl
CWE
Loop with Unreachable Exit Condition ('Infinite Loop')
mitre_cwe
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Availability. Impact: DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory), DoS: Amplification. An infinite loop will cause unexpected consumption of resources, such as CPU cycles or memory. The software's operation may slow down, or cause a long time to respond.
Detection Methods:
Automated Static Analysis: Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typi
CWE
Insufficient Precision or Accuracy of a Real Number
mitre_cwe
CWE-1339 Insufficient Precision or Accuracy of a Real Number
CWE-1339: Insufficient Precision or Accuracy of a Real Number
The product processes a real number with an implementation in which the number's representation does not preserve required accuracy and precision in its fractional part, causing an incorrect result.
When a security decision or calculation requires highly precise, accurate numbers such as financial calculations or prices, then small variations in the number could be exploited by an attacker. There are multiple ways to store the fractional part of a real number in a computer. In all of these cases, there is a limit to the accuracy of recording a fraction. If the fraction can be represented in a fixed number of digits (binary or decimal), there might not be enough digits assigned to represent the number. In other cases the number
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742http://secunia.com/advisories/23282http://secunia.com/advisories/23420http://secunia.com/advisories/23422http://secunia.com/advisories/23545http://secunia.com/advisories/23589http://secunia.com/advisories/23591http://secunia.com/advisories/23614http://secunia.com/advisories/23672http://secunia.com/advisories/23692http://secunia.com/advisories/23988http://secunia.com/advisories/24078http://secunia.com/advisories/24390http://security.gentoo.org/glsa/glsa-200701-02.xmlhttp://securitytracker.com/id?1017398http://securitytracker.com/id?1017405http://securitytracker.com/id?1017406http://sunsolve.sun.com/search/document.do?assetkey=1-26-102846-1http://www.debian.org/security/2007/dsa-1253http://www.debian.org/security/2007/dsa-1258http://www.debian.org/security/2007/dsa-1265http://www.gentoo.org/security/en/glsa/glsa-200701-04.xmlhttp://www.kb.cert.org/vuls/id/427972http://www.mozilla.org/security/announce/2006/mfsa2006-68.htmlhttp://www.novell.com/linux/security/advisories/2006_80_mozilla.htmlhttp://www.novell.com/linux/security/advisories/2007_06_mozilla.htmlhttp://www.securityfocus.com/bid/21668http://www.ubuntu.com/usn/usn-398-1http://www.ubuntu.com/usn/usn-398-2http://www.ubuntu.com/usn/usn-400-1http://www.us-cert.gov/cas/techalerts/TA06-354A.htmlhttp://www.vupen.com/english/advisories/2006/5068http://www.vupen.com/english/advisories/2007/1124http://www.vupen.com/english/advisories/2008/0083http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742http://secunia.com/advisories/23282http://secunia.com/advisories/23420http://secunia.com/advisories/23422http://secunia.com/advisories/23545http://secunia.com/advisories/23589http://secunia.com/advisories/23591http://secunia.com/advisories/23614http://secunia.com/advisories/23672http://secunia.com/advisories/23692http://secunia.com/advisories/23988http://secunia.com/advisories/24078http://secunia.com/advisories/24390http://security.gentoo.org/glsa/glsa-200701-02.xmlhttp://securitytracker.com/id?1017398http://securitytracker.com/id?1017405http://securitytracker.com/id?1017406http://sunsolve.sun.com/search/document.do?assetkey=1-26-102846-1http://www.debian.org/security/2007/dsa-1253http://www.debian.org/security/2007/dsa-1258http://www.debian.org/security/2007/dsa-1265http://www.gentoo.org/security/en/glsa/glsa-200701-04.xmlhttp://www.kb.cert.org/vuls/id/427972http://www.mozilla.org/security/announce/2006/mfsa2006-68.htmlhttp://www.novell.com/linux/security/advisories/2006_80_mozilla.htmlhttp://www.novell.com/linux/security/advisories/2007_06_mozilla.htmlhttp://www.securityfocus.com/bid/21668http://www.ubuntu.com/usn/usn-398-1http://www.ubuntu.com/usn/usn-398-2http://www.ubuntu.com/usn/usn-400-1http://www.us-cert.gov/cas/techalerts/TA06-354A.htmlhttp://www.vupen.com/english/advisories/2006/5068http://www.vupen.com/english/advisories/2007/1124http://www.vupen.com/english/advisories/2008/0083
2006-12-20
Published