Debian Firefox vulnerabilities
1,810 known vulnerabilities affecting debian/firefox.
Total CVEs: 1,810
CISA KEV: 11 (actively exploited)
Public exploits: 35
Exploited in wild: 15
Severity breakdown: CRITICAL 333, HIGH 633, MEDIUM 542, LOW 302
Vulnerabilities
CVE-2006-5748 | HIGH | CVSS 5.0 | fixed in firefox 45.0-1 (sid) | 2006
CVE-2006-5748 [MEDIUM] CVE-2006-5748: firefox - Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox...
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger memory corruption.
Scope: local
sid: resolved (fixed in 45.0-1)
debian
CVE-2006-2788 | HIGH | CVSS 7.5 | fixed in firefox 1.5.dfsg+1.5.0.4 (sid) | 2006
CVE-2006-2788 [HIGH] CVE-2006-2788: firefox - Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox a...
Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via certain Javascript code.
Scope: local
sid: resolved (fixed in 1.5.dfsg+1.5.0.4)
debian
CVE-2006-0748 | HIGH | CVSS 9.3 | fixed in firefox 1.5.dfsg+1.5.0.2-1 (sid) | 2006
CVE-2006-0748 [CRITICAL] CVE-2006-0748: firefox - Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozil...
Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that results in a negative array index.
Scope: local
sid: resolved (fixed in 1.5.dfsg+1.5.0.2-1)
debian
CVE-2006-1734 | HIGH | CVSS 6.8 | fixed in firefox 1.5.dfsg+1.5.0.2-2 (sid) | 2006
CVE-2006-1734 [MEDIUM] CVE-2006-1734: firefox - Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla S...
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using the Object.watch method to access the "clone parent" internal function.
Scope: local
sid: resolved (fixed in 1.5.dfsg+1.5.0.2-2)
debian
CVE-2006-6504 | HIGH | CVSS 9.3 | fixed in firefox 45.0-1 (sid) | 2006
CVE-2006-6504 [CRITICAL] CVE-2006-6504: firefox - Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey before 1...
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to execute arbitrary code by appending an SVG comment DOM node to another type of document, which triggers memory corruption.
Scope: local
sid: resolved (fixed in 45.0-1)
debian
CVE-2006-4565 | HIGH | CVSS 9.3 | fixed in firefox 1.5.dfsg+1.5.0.7-1 (sid) | 2006
CVE-2006-4565 [CRITICAL] CVE-2006-4565: firefox - Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderbird before...
Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a JavaScript regular expression with a "minimal quantifier."
Scope: local
sid: resolved (fixed in 1.5.dfsg+1.5.0.7-1)
debian
CVE-2006-2778 | HIGH | CVSS 5.0 | fixed in firefox 1.5.dfsg+1.5.0.4-1 (sid) | 2006
CVE-2006-2778 [MEDIUM] CVE-2006-2778: firefox - The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 a...
The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow.
Scope: local
sid: resolved (fixed in 1.5.dfsg+1.5.0.4-1)
debian
CVE-2006-6501 | HIGH | CVSS 6.8 | fixed in firefox 45.0-1 (sid) | 2006
CVE-2006-6501 [MEDIUM] CVE-2006-6501: firefox - Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1....
Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function.
Scope: local
sid: resolved (fixed in 45.0-1)
debian
CVE-2006-6499 | HIGH | CVSS 4.3 | fixed in firefox 45.0-1 (sid) | 2006
CVE-2006-6499 [MEDIUM] CVE-2006-6499: firefox - The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9...
The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision.
Scope: local
sid: resolved (fixed in 45.0-1)
debian
CVE-2006-1993 | HIGH | CVSS 5.1 | PoC | fixed in firefox 1.5.dfsg+1.5.0.3-1 (sid) | 2006
CVE-2006-1993 [MEDIUM] CVE-2006-1993: firefox - Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to ...
Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain Javascript that is not properly handled by the contentWindow.focus method in an iframe, which causes a reference to a deleted controller context object. NOTE: this was originally claimed to be a buffer overflow in
debian
CVE-2006-2775 | HIGH | CVSS 7.5 | fixed in firefox 1.5.dfsg+1.5.0.4-1 (sid) | 2006
CVE-2006-2775 [HIGH] CVE-2006-2775: firefox - Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attributes with th...
Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attributes with the wrong URL under certain unspecified circumstances, which might allow remote attackers to bypass restrictions by causing a persisted string to be associated with the wrong URL.
Scope: local
sid: resolved (fixed in 1.5.dfsg+1.5.0.4-1)
debian
CVE-2006-6502 | HIGH | CVSS 7.1 | fixed in firefox 45.0-1 (sid) | 2006
CVE-2006-6502 [HIGH] CVE-2006-6502: firefox - Use-after-free vulnerability in the LiveConnect bridge code for Mozilla Firefox ...
Use-after-free vulnerability in the LiveConnect bridge code for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) via unknown vectors.
Scope: local
sid: resolved (fixed in 45.0-1)
debian
CVE-2006-3810 | HIGH | CVSS 6.8 | fixed in firefox 1.5.dfsg+1.5.0.5-1 (sid) | 2006
CVE-2006-3810 [MEDIUM] CVE-2006-3810: firefox - Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, ...
Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapper(window).Function construct.
Scope: local
sid: resolved (fixed in 1.5.dfsg+1.5.0.5-1)
debian
CVE-2006-5747 | HIGH | CVSS 7.5 | fixed in firefox 45.0-1 (sid) | 2006
CVE-2006-5747 [HIGH] CVE-2006-5747: firefox - Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before ...
Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary code via the XML.prototype.hasOwnProperty JavaScript function.
Scope: local
sid: resolved (fixed in 45.0-1)
debian
CVE-2006-3113 | HIGH | CVSS 7.5 | fixed in firefox 1.5.dfsg+1.5.0.5-1 (sid) | 2006
CVE-2006-3113 [HIGH] CVE-2006-3113: firefox - Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey be...
Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via simultaneous XPCOM events, which causes a timer object to be deleted in a way that triggers memory corruption.
Scope: local
sid: resolved (fixed in 1.5.dfsg+1.5.0.5-1)
debian
CVE-2006-4571 | HIGH | CVSS 10.0 | fixed in firefox 1.5.dfsg+1.5.0.7-1 (sid) | 2006
CVE-2006-4571 [CRITICAL] CVE-2006-4571: firefox - Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunderbird befo...
Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allow remote attackers to cause a denial of service (crash), corrupt memory, and possibly execute arbitrary code via unspecified vectors, some of which involve JavaScript, and possibly large images or plugin data.
Scope: local
sid: resolved (fixed
debian
CVE-2006-3807 | HIGH | CVSS 7.5 | fixed in firefox 1.5.dfsg+1.5.0.5-1 (sid) | 2006
CVE-2006-3807 [HIGH] CVE-2006-3807: firefox - Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before...
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor.
Scope: local
sid: resolved (fixed in 1.5.dfsg+1.5.0.5-1)
debian
CVE-2006-1728 | HIGH | CVSS 9.3 | fixed in firefox 1.5.dfsg+1.5.0.2-1 (sid) | 2006
CVE-2006-1728 [CRITICAL] CVE-2006-1728: firefox - Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 ...
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypto.generateCRMFRequest method.
Scope: local
sid: resolved (fixed in 1.5.dfsg+1.5.0.2-1)
debian
CVE-2006-4566 | HIGH | CVSS 5.0 | fixed in firefox 1.5.dfsg+1.5.0.7-1 (sid) | 2006
CVE-2006-4566 [MEDIUM] CVE-2006-4566: firefox - Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before...
Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) via a malformed JavaScript regular expression that ends with a backslash in an unterminated character set ("[\\"), which leads to a buffer over-read.
Scope: local
sid: resolved (fixed in 1.5.dfsg+1.5.0.7-1)
debian
CVE-2006-0293 | HIGH | CVSS 7.5 | fixed in firefox 1.5.dfsg+1.5.0.1-1 (sid) | 2006
CVE-2006-0293 [HIGH] CVE-2006-0293: firefox - The function allocation code (js_NewFunction in jsfun.c) in Firefox 1.5 allows a...
The function allocation code (js_NewFunction in jsfun.c) in Firefox 1.5 allows attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via user-defined methods that trigger garbage collection in a way that operates on freed objects.
Scope: local
sid: resolved (fixed in 1.5.dfsg+1.5.0.1-1)
debian