CVE-2006-6499Infinite Loop in Mozilla Firefox

CWE-835Infinite LoopCWE-834Excessive IterationCWE-1339Insufficient Precision or Accuracy of a Real Number13 documents8 sources
Severity
4.3MEDIUMNVD
EPSS
13.7%
top 5.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Mozilla FirefoxMozilla SeamonkeyMozilla Thunderbird+4 more
Timeline
PublishedDec 20
Latest updateMay 1

Description

The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages5 packages

NVDmozilla/firefox1.51.5.0.9+1
NVDmozilla/seamonkey< 1.0.7
NVDmozilla/thunderbird< 1.5.0.9
debiandebian/firefox< firefox 45.0-1 (sid)
debiandebian/firefox-esr< firefox 45.0-1 (sid)

Also affects: Debian Linux 3.1, 4.0, Ubuntu Linux 5.10, 6.06, 6.10

🔴Vulnerability Details

2
GHSA
GHSA-636h-f5g9-p45x: The js_dtoa function in Mozilla Firefox 22022-05-01
OSV
CVE-2006-6499: The js_dtoa function in Mozilla Firefox 22006-12-20

📋Vendor Advisories

5
Ubuntu
Firefox regression2007-01-27
Ubuntu
Thunderbird vulnerabilities2007-01-05
Ubuntu
Firefox vulnerabilities2007-01-03
Ubuntu
Firefox vulnerabilities2007-01-03
Debian
CVE-2006-6499: firefox - The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9...2006

📐Framework References

3
CWE
Excessive Iteration
CWE
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE
Insufficient Precision or Accuracy of a Real Number

📄Research Papers

1
arXiv
On managing vulnerabilities in AI/ML systems2021-01-22

💬Community

1
Bugzilla
seamonkey < 1.0.7 multiple vulnerabilities2006-12-21