CVE-2006-3811

{"id": "CVE-2006-3811", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-07-27T20:04:00.000", "references": [{"url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/19873", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21216", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21228", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21229", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21243", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21246", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21250", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21262", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21269", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21270", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21275", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21336", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21343", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21358", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21361", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21529", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21532", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21607", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21631", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21675", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22055", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22065", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22066", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22210", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22342", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/25839", "source": "secalert@redhat.com"}, {"url": "http://security.gentoo.org/glsa/glsa-200608-02.xml", "source": "secalert@redhat.com"}, {"url": "http://security.gentoo.org/glsa/glsa-200608-04.xml", "source": "secalert@redhat.com"}, {"url": "http://securitytracker.com/id?1016586", "source": "secalert@redhat.com"}, {"url": "http://securitytracker.com/id?1016587", "source": "secalert@redhat.com"}, {"url": "http://securitytracker.com/id?1016588", "source": "secalert@redhat.com"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102971-1", "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2006/dsa-1161", "source": "secalert@redhat.com"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml", "source": "secalert@redhat.com"}, {"url": "http://www.kb.cert.org/vuls/id/527676", "tags": ["US Government Resource"], "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143", "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145", "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146", "source": "secalert@redhat.com"}, {"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-55.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html", "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html", "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html", "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html", "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/19181", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/usn-350-1", "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/usn-354-1", "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/usn-361-1", "source": "secalert@redhat.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html", "tags": ["US Government Resource"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2006/2998", "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2006/3748", "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2006/3749", "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2007/2350", "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2008/0083", "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27992", "source": "secalert@redhat.com"}, {"url": "https://issues.rpath.com/browse/RPL-536", "source": "secalert@redhat.com"}, {"url": "https://issues.rpath.com/browse/RPL-537", "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9934", "source": "secalert@redhat.com"}, {"url": "https://usn.ubuntu.com/327-1/", "source": "secalert@redhat.com"}, {"url": "https://usn.ubuntu.com/329-1/", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) \"anonymous box selectors outside of UA stylesheets,\" (5) stale references to \"removed nodes,\" and (6) running the crypto.generateCRMFRequest callback on deleted context."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades en Mozilla Firefox anterior a 1.5.0.5, Thunderbird anterior a 1.5.0.5, y SeaMonkey anterior a 1.0.3 permite a atacantes remotos provocar denegaci\u00f3n de servicio (caida) y posiblemente ejecutar c\u00f3digo a trav\u00e9s de JavaScript que conducen a un corrupci\u00f3n de memoria, incluyendo (1) nsListControlFrame::FireMenuItemActiveEvent, (2) desbordamiento de b\u00fafer en la clase string en condiciones fuera de memoria, (3) fila de tabla y grupos de columnas, (4) \"selectores an\u00f3nimos de caja fuera del estilo del UA,\" (5)referencias pasadas a \"nodos borrados\", y (6) ejecutando la segunda prueba crypto.generateCRMFRequest sobre un contexto borrado."}], "lastModified": "2018-10-17T21:31:25.173", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D"}, {"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D6BF5B1-86D1-47FE-9D9C-735718F94874"}, {"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84D15CE0-69DF-4EFD-801E-96A4D6AABEDB"}, {"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEE203DE-6C0E-4FDE-9C3A-0E73430F17DA"}, {"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2F38886-C25A-4C6B-93E7-36461405BA99"}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09E18FC0-0C8C-4FA1-85B9-B868D00F002F"}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55344F76-1C42-4DD8-A28B-1C33626C6FD2"}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6521C877-63C9-4B6E-9FC9-1263FFBB7950"}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D949DF0A-CBC2-40E1-AE6C-60E6F58D2481"}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2"}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C99BAF7-B48E-4402-B2BF-EB07235E402E"}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0ADE8D7-B3C3-4490-9CD5-0263BBA75D28"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}