CVSS: 4.0EPSS: 26%CPEs: 4EXPL: 0CVE-2006-4340
https://notcve.org/view.php?id=CVE-2006-4340
Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates, a similar vulnerability to CVE-2006-4339. NOTE: on 20061107, Mozilla released an advisory stating that these versions were not completely patched by MFSA2006-60. The newer fixes for 1.5.0.7 are covered by CVE-2006-5462. La librería Mozilla Network Security Service (NSS) anterior a 3.11.3, usada en Mozilla Firefox anterior a 1.5.0.7, Thunderbird anterior a 1.5.0.7, y SeaMonkey anterior a 1.0.5, cuando se usa una llave RSA con exponente 3, no maneja correctamente los datos en una firma, lo que permite a atacantes remotos falsificar firmas para SSL/TLS y certificados de correo electrónico; una vulnerabilidad muy similar a la CVE-2006-4339. NOTA: el 7/11/2006, Mozilla publicó un aviso afirmando que estas versiones no estaban completamente parcheadas por MFSA2006-60. • ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc http://secunia.com/advisories/21903 http://secunia.com/advisories/21906 http://secunia.com/advisories/21915 http://secunia.com/advisories/21916 http://secunia.com/advisories/21939 http://secunia.com/advisories/21940 http://secunia.com/advisories/21949 http://secunia.com/advisories/21950 http://secunia.com/advisories/22001 http://secunia.com/advisories/22025 http://secunia.com/advisories/22036 http:/& • CWE-20: Improper Input Validation •
CVSS: 2.6EPSS: 1%CPEs: 2EXPL: 1CVE-2006-4567
https://notcve.org/view.php?id=CVE-2006-4567
Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it easy for users to accept self-signed certificates for the auto-update mechanism, which might allow remote user-assisted attackers to use DNS spoofing to trick users into visiting a malicious site and accepting a malicious certificate for the Mozilla update site, which can then be used to install arbitrary code on the next update. Mozilla Firefox anterior a 1.5.0.7 y Thunderbird anteror a 1.5.0.7 hacen que fuera facil que los usuarios aceptaran certificados auto-firmados para el mecanismo de auto-actualización, el cual pudo permitir a atacantes con la complicidad del usuario usando suplantación DNS engañando a los usuarios con la visita a un sitio malicioso y aceptando un certificado malicioso para la actualización de Mozilla, el cual puede ser usado para instalar codido de elección del atacante en la siguiente actualización. • http://secunia.com/advisories/21906 http://secunia.com/advisories/21916 http://secunia.com/advisories/21939 http://secunia.com/advisories/21949 http://secunia.com/advisories/21950 http://secunia.com/advisories/22001 http://secunia.com/advisories/22025 http://secunia.com/advisories/22055 http://secunia.com/advisories/22056 http://secunia.com/advisories/22066 http://secunia.com/advisories/22074 http://secunia.com/advisories/22088 http://secunia.com/advisories/22195 http:/& •
CVSS: 9.3EPSS: 28%CPEs: 3EXPL: 0CVE-2006-4565
https://notcve.org/view.php?id=CVE-2006-4565
Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a JavaScript regular expression with a "minimal quantifier." Desbordamiento de bufer en Mozilla Firefox anterior a 1.5.0.7, Thunderbird anterior 1.5.0.7, y SeaMonkey anterior 1.0.5 permite a un atacante remoto provocar denegación de servicio (crash) y la posibilidad de ejecutar código de su elección a través de expresiones regulares de JavaScript con una "cuantificación mínima". • ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc http://secunia.com/advisories/21906 http://secunia.com/advisories/21915 http://secunia.com/advisories/21916 http://secunia.com/advisories/21939 http://secunia.com/advisories/21940 http://secunia.com/advisories/21949 http://secunia.com/advisories/21950 http://secunia.com/advisories/22001 http://secunia.com/advisories/22025 http://secunia.com/advisories/22036 http://secunia.com/advisories/22055 http:/& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 96%CPEs: 3EXPL: 0CVE-2006-4566
https://notcve.org/view.php?id=CVE-2006-4566
Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) via a malformed JavaScript regular expression that ends with a backslash in an unterminated character set ("[\\"), which leads to a buffer over-read. Mozilla Firefox anterior a 1.5.0.7, Thunderbird anterior 1.5.0.7, y SeaMonkey anterior 1.0.5 permite a atacantes remotos provocar denegación de servicio(crash) a través de expresiones regulares mal formadas JavaScript que finalizan con una barra invertida en un juego de caracteres indeterminado ("[\\"), que conduce a un bufer a sobre leerse. • ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc http://secunia.com/advisories/21906 http://secunia.com/advisories/21915 http://secunia.com/advisories/21916 http://secunia.com/advisories/21939 http://secunia.com/advisories/21940 http://secunia.com/advisories/21949 http://secunia.com/advisories/21950 http://secunia.com/advisories/22001 http://secunia.com/advisories/22025 http://secunia.com/advisories/22036 http://secunia.com/advisories/22055 http:/& •
CVSS: 7.6EPSS: 96%CPEs: 28EXPL: 1CVE-2006-4253 – Mozilla Firefox 1.0.x - JavaScript Handler Race Condition Memory Corruption
https://notcve.org/view.php?id=CVE-2006-4253
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads to a concurrency failure that causes structures to be freed incorrectly, as demonstrated by (1) ffoxdie and (2) ffoxdie3. NOTE: it has been reported that Netscape 8.1 and K-Meleon 1.0.1 are also affected by ffoxdie. Mozilla confirmed to CVE that ffoxdie and ffoxdie3 trigger the same underlying vulnerability. NOTE: it was later reported that Firefox 2.0 RC2 and 1.5.0.7 are also affected. Vulnerabilidad de concurrencia en Mozilla Firefox 1.5.0.6 y anteriores permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante múltiples eventos Javascript temporizados que cargan un archivo XML profundamente anidado, seguido por una redirección del navegador hacia ora página, lo cual lleva a un fallo de concurencia que provoca que se liberen estructuras incorrectamente, como ha sido demostrado por (1) ffoxdie y (2) ffoxdie3. • https://www.exploit-db.com/exploits/28380 ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc http://lcamtuf.coredump.cx/ffoxdie.html http://lcamtuf.coredump.cx/ffoxdie3.html http://secunia.com/advisories/21513 http://secunia.com/advisories/21906 http://secunia.com/advisories/21915 http://secunia.com/advisories/21916 http://secunia.com/advisories/21939 http://secunia.com/advisories/21940 http://secunia.com/advisories/21949 http://secunia.com/advisories&#x • CWE-264: Permissions, Privileges, and Access Controls •