CVE-2006-6501
https://notcve.org/view.php?id=CVE-2006-6501
Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function. Vulnerabilidad no especificada en Mozilla Firefox 2.x anterior a 2.0.0.1, 1.5.x anterior a 1.5.0.9, Thunderbird anterior a 1.5.0.9, y SeaMonkey anterior a 1.0.7 permite a atacantes remotos obtener privilegios e instalar código malicioso mediante la función watch de Javascript. • ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc http://fedoranews.org/cms/node/2297 http://fedoranews.org/cms/node/2338 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 http://rhn.redhat.com/errata/RHSA-2006-0758.html http://rhn.redhat.com/errata/RHSA-2006-0759.html http://rhn.redhat.com/errata/RHSA-2006-0760.html http://secunia.com/advisories/23282 http://secunia.com/advisories/23420 http://secunia.com/advisories& • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2006-5463
https://notcve.org/view.php?id=CVE-2006-5463
Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary JavaScript bytecode via unspecified vectors involving modification of a Script object while it is executing. Vulnerabilidad sin especificar en el Mozilla Firefox en versiones anteriores a la 1.5.0.8, en el Thunderbird en versiones anteriores a la 1.5.0.8 y en el SeaMonkey en versiones anteriores a la 1.0.6, permite a atacantes remotos la ejecución de JavaScript bytecode de su elección mediante vectores sin especificar implicando la modificación de una secuencia de comandos mientras se está ejecutando. • ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P http://rhn.redhat.com/errata/RHSA-2006-0733.html http://rhn.redhat.com/errata/RHSA-2006-0734.html http://rhn.redhat.com/errata/RHSA-2006-0735.html http://secunia.com/advisories/22066 http://secunia.com/advisories/22722 http://secunia.com/advisories/22727 http://secunia.com/advisories/22737 http://secunia.com/advisories/22763 http://secunia.com/advisories/22770 http://secunia.com/advisories/22774 http& •
CVE-2006-5464
https://notcve.org/view.php?id=CVE-2006-5464
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service (crash) via unspecified vectors. Múltiples vulnerabilidades sin especificar en el diseño del motor del Mozilla Firefox en versiones anteriores a la 1.5.0.8, del Thunderbird en versiones anteriores a la 1.5.0.8 y del SeaMonkey en versiones anteriores a la 1.0.6, permite a atacantes remotos provocar una denegación de servicio (caída) mediante vectores sin especificar. • ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P http://rhn.redhat.com/errata/RHSA-2006-0733.html http://rhn.redhat.com/errata/RHSA-2006-0734.html http://rhn.redhat.com/errata/RHSA-2006-0735.html http://secunia.com/advisories/22066 http://secunia.com/advisories/22722 http://secunia.com/advisories/22727 http://secunia.com/advisories/22737 http://secunia.com/advisories/22763 http://secunia.com/advisories/22770 http://secunia.com/advisories/22774 http& •
CVE-2006-5747
https://notcve.org/view.php?id=CVE-2006-5747
Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary code via the XML.prototype.hasOwnProperty JavaScript function. Vulnerabilidad sin especificar en el Mozilla Firefox anterior al 1.5.0.8, en el Thunderbird anterior al 1.5.0.8 y en el SeaMonkey anterior al 1.0.6 permite a atacantes remotos la ejecución de código de su elección mediante la función de JavaScript XML.prototype.hasOwnProperty • ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P http://rhn.redhat.com/errata/RHSA-2006-0733.html http://rhn.redhat.com/errata/RHSA-2006-0734.html http://rhn.redhat.com/errata/RHSA-2006-0735.html http://secunia.com/advisories/22066 http://secunia.com/advisories/22722 http://secunia.com/advisories/22727 http://secunia.com/advisories/22737 http://secunia.com/advisories/22763 http://secunia.com/advisories/22770 http://secunia.com/advisories/22774 http& •
CVE-2006-5462
https://notcve.org/view.php?id=CVE-2006-5462
Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates. NOTE: this identifier is for unpatched product versions that were originally intended to be addressed by CVE-2006-4340. La biblioteca Mozilla Network Security Service (NSS) en versiones anteriores a la 3.11.3, como el usado en el Mozilla Firefox en versiones anteriores a la 1.5.0.8, en el Thunderbird anterior a la versión 1.5.0.8 y en el SeaMonkey anteriores a la versión 1.0.6, cuando utiliza una clave RSA con exponente 3, no gestiona apropiadamente datos extra en la firma, lo cual permiten a atacantes remotos falsificar firmas para los certificados de correo electrónico SSL/TLS. NOTA: este identificador es para versiones de productos no parchados, que inicialmente se vieron en el CVE-2006-4340. • ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P http://rhn.redhat.com/errata/RHSA-2006-0733.html http://rhn.redhat.com/errata/RHSA-2006-0734.html http://rhn.redhat.com/errata/RHSA-2006-0735.html http://secunia.com/advisories/22066 http://secunia.com/advisories/22722 http://secunia.com/advisories/22727 http://secunia.com/advisories/22737 http://secunia.com/advisories/22763 http://secunia.com/advisories/22770 http://secunia.com/advisories/22815 http& •