// For flags

CVE-2006-6497

 

Severity Score

9.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown attack vectors.

Múltiples vulnerabilidades no especificadas en el motor de diseño para Mozilla Firefox 2.x anterior a 2.0.0.1, 1.5.x anterior a 1.5.0.9, Thunderbird anterior a 1.5.0.9, y SeaMonkey anterior a 1.0.7 permiten a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída) y posiblemente ejecutar código de su elección mediante vectores de ataque desconocidos.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2006-12-13 CVE Reserved
  • 2006-12-20 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (59)
URL Tag Source
http://secunia.com/advisories/24948 Third Party Advisory
http://securitytracker.com/id?1017398 Vdb Entry
http://securitytracker.com/id?1017405 Vdb Entry
http://securitytracker.com/id?1017406 Vdb Entry
http://www.kb.cert.org/vuls/id/427972 Third Party Advisory
http://www.kb.cert.org/vuls/id/606260 Third Party Advisory
http://www.securityfocus.com/archive/1/455145/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/455728/100/200/threaded Mailing List
http://www.securityfocus.com/bid/21668 Vdb Entry
http://www.us-cert.gov/cas/techalerts/TA06-354A.html Third Party Advisory
http://www.vupen.com/english/advisories/2006/5068 Vdb Entry
http://www.vupen.com/english/advisories/2007/1463 Vdb Entry
http://www.vupen.com/english/advisories/2008/0083 Vdb Entry
https://issues.rpath.com/browse/RPL-883 X_refsource_confirm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11691 Signature
URL Date SRC
URL Date SRC
URL Date SRC
ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc 2018-10-17
http://fedoranews.org/cms/node/2297 2018-10-17
http://fedoranews.org/cms/node/2338 2018-10-17
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 2018-10-17
http://rhn.redhat.com/errata/RHSA-2006-0758.html 2018-10-17
http://rhn.redhat.com/errata/RHSA-2006-0759.html 2018-10-17
http://rhn.redhat.com/errata/RHSA-2006-0760.html 2018-10-17
http://secunia.com/advisories/23282 2018-10-17
http://secunia.com/advisories/23420 2018-10-17
http://secunia.com/advisories/23422 2018-10-17
http://secunia.com/advisories/23433 2018-10-17
http://secunia.com/advisories/23439 2018-10-17
http://secunia.com/advisories/23440 2018-10-17
http://secunia.com/advisories/23468 2018-10-17
http://secunia.com/advisories/23514 2018-10-17
http://secunia.com/advisories/23545 2018-10-17
http://secunia.com/advisories/23589 2018-10-17
http://secunia.com/advisories/23591 2018-10-17
http://secunia.com/advisories/23598 2018-10-17
http://secunia.com/advisories/23601 2018-10-17
http://secunia.com/advisories/23614 2018-10-17
http://secunia.com/advisories/23618 2018-10-17
http://secunia.com/advisories/23672 2018-10-17
http://secunia.com/advisories/23692 2018-10-17
http://secunia.com/advisories/23988 2018-10-17
http://secunia.com/advisories/24078 2018-10-17
http://secunia.com/advisories/24390 2018-10-17
http://security.gentoo.org/glsa/glsa-200701-02.xml 2018-10-17
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102885-1 2018-10-17
http://www.debian.org/security/2007/dsa-1253 2018-10-17
http://www.debian.org/security/2007/dsa-1258 2018-10-17
http://www.debian.org/security/2007/dsa-1265 2018-10-17
http://www.gentoo.org/security/en/glsa/glsa-200701-03.xml 2018-10-17
http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml 2018-10-17
http://www.mandriva.com/security/advisories?name=MDKSA-2007:010 2018-10-17
http://www.mandriva.com/security/advisories?name=MDKSA-2007:011 2018-10-17
http://www.mozilla.org/security/announce/2006/mfsa2006-68.html 2018-10-17
http://www.novell.com/linux/security/advisories/2006_80_mozilla.html 2018-10-17
http://www.novell.com/linux/security/advisories/2007_06_mozilla.html 2018-10-17
http://www.ubuntu.com/usn/usn-398-1 2018-10-17
http://www.ubuntu.com/usn/usn-398-2 2018-10-17
http://www.ubuntu.com/usn/usn-400-1 2018-10-17
https://access.redhat.com/security/cve/CVE-2006-6497 2006-12-19
https://bugzilla.redhat.com/show_bug.cgi?id=1618243 2006-12-19
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 <= 1.5.0.8
Search vendor "Mozilla" for product "Firefox" and version " <= 1.5.0.8"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 2.0
Search vendor "Mozilla" for product "Firefox" and version "2.0"
-
Affected
Mozilla
Search vendor "Mozilla"
 Seamonkey
Search vendor "Mozilla" for product "Seamonkey"
 <= 1.5.0.8
Search vendor "Mozilla" for product "Seamonkey" and version " <= 1.5.0.8"
-
Affected
Mozilla
Search vendor "Mozilla"
 Thunderbird
Search vendor "Mozilla" for product "Thunderbird"
 <= 1.5.0.8
Search vendor "Mozilla" for product "Thunderbird" and version " <= 1.5.0.8"
-
Affected