[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249622

 
 

909

 
 

195549

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-6499Date: (C)2006-12-19   (M)2023-12-28


The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECTRACK-1017398
SECTRACK-1017405
SECTRACK-1017406
SUNALERT-102846
BID-21668
SECUNIA-23282
SECUNIA-23420
SECUNIA-23422
SECUNIA-23545
SECUNIA-23589
SECUNIA-23591
SECUNIA-23614
SECUNIA-23672
SECUNIA-23692
SECUNIA-23988
SECUNIA-24078
SECUNIA-24390
ADV-2006-5068
ADV-2007-1124
ADV-2008-0083
DSA-1253
DSA-1258
DSA-1265
GLSA-200701-02
GLSA-200701-04
SSRT061181
SUSE-SA:2006:080
SUSE-SA:2007:006
TA06-354A
USN-398-1
USN-398-2
USN-400-1
VU#427972
http://www.mozilla.org/security/announce/2006/mfsa2006-68.html

CWE    1
CWE-835

© SecPod Technologies