CVE-2006-6811 – KsIRC 1.3.12 - 'PRIVMSG' Remote Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2006-6811
KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference. NOTE: this issue was originally reported as a buffer overflow. KsIRC 1.3.12 permite a atacantes remotos provocar una denegación de servicio (caída) mediante una cadena PRIVMSG larga cuando se conecta a un servidor retransmisor de Chat de Internet(IRC), lo que provoca que falle una aserción y se produzca una referencia a puntero NULL. NOTA: esta vulnerabilidad se documentó originalmente como un desbordamiento de búfer . • https://www.exploit-db.com/exploits/3023 http://osvdb.org/33443 http://security.gentoo.org/glsa/glsa-200701-26.xml http://securitytracker.com/id?1017453 http://www.addict3d.org/index.php?page=viewarticle&trace=0&type=security&ID=8468 http://www.kde.org/info/security/advisory-20070109-1.txt http://www.mandriva.com/security/advisories?name=MDKSA-2007:009 http://www.securityfocus.com/archive/1/456379/100/0/threaded http://www.securityfocus.com/bid/21790 http://www.ubuntu • CWE-617: Reachable Assertion •
CVE-2006-6499
https://notcve.org/view.php?id=CVE-2006-6499
The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision. La función js_dtoa en Mozilla Firefox 2.x anterior a 2.0.0.1, 1.5.x anterior a 1.5.0.9, Thunderbird anterior a 1.5.0.9, y SeaMonkey anterior a 1.0.7 sobrescribe memoria en lugar de salir cuando la precisión de coma flotante es reducida, lo cual permite a atacantes remotos provocar una denegación de servicio mediante cualquier plugin que reduzca dicha precisión. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 http://secunia.com/advisories/23282 http://secunia.com/advisories/23420 http://secunia.com/advisories/23422 http://secunia.com/advisories/23545 http://secunia.com/advisories/23589 http://secunia.com/advisories/23591 http://secunia.com/advisories/23614 http://secunia.com/advisories/23672 http://secunia.com/advisories/23692 http://secunia.com/advisories/23988 http://secunia.com/advisories/24078 http:/ • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2006-6500
https://notcve.org/view.php?id=CVE-2006-6500
Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by setting the CSS cursor to certain images that cause an incorrect size calculation when converting to a Windows bitmap. Desbordamiento de búfer basado en pila en Mozilla Firefox 2.x anterior a 2.0.0.1, 1.5.x anterior a 1.5.0.9, Thunderbird anterior a 1.5.0.9, y SeaMonkey anterior a 1.0.7 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección estableciendo el cursor CSS en ciertas imágenes que provocan un cálculo erróneo de su tamaño al convertirlo a un mapa de bits de Windows. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 http://secunia.com/advisories/23282 http://secunia.com/advisories/23420 http://secunia.com/advisories/23422 http://secunia.com/advisories/23545 http://secunia.com/advisories/23598 http://secunia.com/advisories/23614 http://secunia.com/advisories/23672 http://secunia.com/advisories/23692 http://security.gentoo.org/glsa/glsa-200701-02.xml http://securitytracker.com/id?1017399 http://securitytracker.com/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2006-6503
https://notcve.org/view.php?id=CVE-2006-6503
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript: URI. Mozilla Firefox 2.x anterior a 2.0.0.1, 1.5.x anterior a 1.5.0.9, Thunderbird anterior a 1.5.0.9, y SeaMonkey anterior a 1.0.7 permite a atacantes remotos evitar la protección de secuencias de comandos en sitios cruzados (XSS) cambiando el atributo src de un elemento IMG a javascript: URI. • ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc http://fedoranews.org/cms/node/2297 http://fedoranews.org/cms/node/2338 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 http://rhn.redhat.com/errata/RHSA-2006-0758.html http://rhn.redhat.com/errata/RHSA-2006-0759.html http://rhn.redhat.com/errata/RHSA-2006-0760.html http://secunia.com/advisories/23282 http://secunia.com/advisories/23420 http://secunia.com/advisories& • CWE-254: 7PK - Security Features •
CVE-2006-6501
https://notcve.org/view.php?id=CVE-2006-6501
Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function. Vulnerabilidad no especificada en Mozilla Firefox 2.x anterior a 2.0.0.1, 1.5.x anterior a 1.5.0.9, Thunderbird anterior a 1.5.0.9, y SeaMonkey anterior a 1.0.7 permite a atacantes remotos obtener privilegios e instalar código malicioso mediante la función watch de Javascript. • ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc http://fedoranews.org/cms/node/2297 http://fedoranews.org/cms/node/2338 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 http://rhn.redhat.com/errata/RHSA-2006-0758.html http://rhn.redhat.com/errata/RHSA-2006-0759.html http://rhn.redhat.com/errata/RHSA-2006-0760.html http://secunia.com/advisories/23282 http://secunia.com/advisories/23420 http://secunia.com/advisories& • CWE-264: Permissions, Privileges, and Access Controls •