CVSS: 5.0EPSS: 40%CPEs: 3EXPL: 6CVE-2006-5633 – Mozilla Firefox 1.5.0.7/2.0 - 'createRange' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-5633
Firefox 1.5.0.7 and 2.0, and Seamonkey 1.1b, allows remote attackers to cause a denial of service (crash) by creating a range object using createRange, calling selectNode on a DocType node (DOCUMENT_TYPE_NODE), then calling createContextualFragment on the range, which triggers a null dereference. NOTE: the original Bugtraq post mentioned that code execution was possible, but followup analysis has shown that it is only a null dereference. Firefox 1.5.0.7 y 2.0, y Seamonkey 1.1b, permite a atacantes remotos provocar una denegación de servicio (caída) creando un objeto rango usando createRange, llamando a selectNode en un nodo DocType (DOCUMENT_TYPE_NODE), y después llamando a createContextualFragment en el rango, lo cual dispara una referencia nula. NOTA: el post original en Bugtraq mencionaba que la ejecución de código era posible, pero análisis posteriores han mostrado que es sólo una referencia nula. • https://www.exploit-db.com/exploits/2695 http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050416.html http://www.gotfault.net/research/advisory/gadv-firefox.txt http://www.securityfocus.com/archive/1/450155/100/0/threaded http://www.securityfocus.com/archive/1/450167/100/0/threaded http://www.securityfocus.com/archive/1/450168/100/0/threaded http://www.securityfocus.com/archive/1/450682/100/200/threaded http://www.securityfocus.com/archive/1/452803/100/0/ •
CVSS: 7.5EPSS: 46%CPEs: 30EXPL: 0CVE-2006-5159
https://notcve.org/view.php?id=CVE-2006-5159
Stack-based buffer overflow in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving JavaScript. NOTE: the vendor and original researchers have released a follow-up comment disputing the severity of this issue, in which the researcher states that "we mentioned that there was a previously known Firefox vulnerability that could result in a stack overflow ending up in remote code execution. However, the code we presented did not in fact do this... I have not succeeded in making this code do anything more than cause a crash and eat up system resources" ** IMPUGNADA ** Desbordamiento de búfer basado en pila en Mozilla Firefox permite a atacantes remotos ejecutar código de su elección mediante vectores no especificados implicando JavaScript. NOTA: el vendedor e investigadores originales han liberado un comentario de continuación impugnando la severidad de este asunto, en el cual el investigador afirma que "hemos mencionado que hubo una vulnerabilidad en Firefox previamente conocida que podría provocar un desbordamiento de pila permitiendo ejecución remota de código. • http://developer.mozilla.org/devnews/index.php/2006/10/02/update-possible-vulnerability-reported-at-toorcon http://securityreason.com/securityalert/1678 http://securitytracker.com/id?1016962 http://www.securityfocus.com/archive/1/447493/100/0/threaded http://www.securityfocus.com/archive/1/447497/100/0/threaded http://www.securityfocus.com/bid/20282 http://www.securityfocus.com/bid/20294 http://www.securitypronews.com/insiderreports/insider/spn-49-20061003FirefoxVulnerabilityClaimWasAJoke.html https:// •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 0CVE-2006-5160
https://notcve.org/view.php?id=CVE-2006-5160
Multiple unspecified vulnerabilities in Mozilla Firefox have unspecified vectors and impact, as claimed during ToorCon 2006. NOTE: the vendor and original researchers have released a follow-up comment disputing this issue, in which one researcher states that "I have no undisclosed Firefox vulnerabilities. The person who was speaking with me made this claim, and I honestly have no idea if he has them or not. ** IMPUGNADA ** Múltiples vulnerabilidades en Mozilla Firefox tienen vectores e impacto no especificados, como fue reclamado durante el ToorCon 2006. NOTA: el vendedor e investigadores originales han liberado un comentario de seguimiento impugnando este asunto, en el cual un investigador afirma que "No tengo vulnerabilidades de Firefox no reveladas. La persona que estuvo hablando conmigo hizo esta reclamación, y yo honestamente no tengo ni idea de si él las tiene o no". • http://developer.mozilla.org/devnews/index.php/2006/10/02/update-possible-vulnerability-reported-at-toorcon http://www.securityfocus.com/archive/1/447493/100/0/threaded http://www.securityfocus.com/bid/20294 http://www.securitypronews.com/insiderreports/insider/spn-49-20061003FirefoxVulnerabilityClaimWasAJoke.html •
CVSS: 2.6EPSS: 5%CPEs: 1EXPL: 0CVE-2006-4569
https://notcve.org/view.php?id=CVE-2006-4569
The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked popups" display in the context of the Location bar instead of the subframe from which the popup originated, which might make it easier for remote user-assisted attackers to conduct cross-site scripting (XSS) attacks. El bloqueador de ventanas emergentes de Mozilla Firefox anterior a 1.5.0.7 abre las "vetanas emergentes bloqueadas" mostrando el contexto de la barra de localización en vez del subframe en el cual el popup se originó, que puede hacer más fácil para que atacantes remotos con la complicidad del usuario conduzcan a ataques de secuencias de comandos en sitios cruzados(XSS). • http://secunia.com/advisories/21949 http://secunia.com/advisories/21950 http://secunia.com/advisories/22001 http://secunia.com/advisories/22025 http://secunia.com/advisories/22056 http://secunia.com/advisories/22066 http://secunia.com/advisories/22195 http://secunia.com/advisories/22210 http://secunia.com/advisories/22422 http://secunia.com/advisories/24711 http://security.gentoo.org/glsa/glsa-200609-19.xml http://securitytracker.com/id?1016849 http://support.avaya.com/ •
CVSS: 4.3EPSS: 2%CPEs: 2EXPL: 0CVE-2006-4568
https://notcve.org/view.php?id=CVE-2006-4568
Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows remote attackers to bypass the security model and inject content into the sub-frame of another site via targetWindow.frames[n].document.open(), which facilitates spoofing and other attacks. Mozilla FireFox anterior a 1.5.0.7 y SeaMonkey anterior a 1.0.5 permite a un atacante remoto evitar el modelo de seguridad e inyectar contenidos dentro de una sub-estructura de otro sitio a través de targetWindow.frames[n].document.open(), el cual facilita la suplantación y otros ataques. • ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc http://secunia.com/advisories/21906 http://secunia.com/advisories/21915 http://secunia.com/advisories/21940 http://secunia.com/advisories/21949 http://secunia.com/advisories/21950 http://secunia.com/advisories/22001 http://secunia.com/advisories/22025 http://secunia.com/advisories/22036 http://secunia.com/advisories/22056 http://secunia.com/advisories/22066 http://secunia.com/advisories/22195 http:/& • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •