CVE-2006-0749 : nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.

nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a "particular sequence of HTML tags" that leads to memory corruption.

Published 2006-04-14 10:02:00

Updated 2025-04-03 01:03:51

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Memory CorruptionExecute codeDenial of service

Products affected by CVE-2006-0749

Mozilla » Firefox
Versions from including (>=) 1.0 and up to, including, (<=) 1.5
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Matching versions
Mozilla » Thunderbird
Versions from including (>=) 1.0 and before (<) 1.0.8
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla Suite
Versions before (<) 1.7.13
cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*
Matching versions
Mozilla » Seamonkey
Versions before (<) 1.0
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2006-0749

EPSS FAQ

40.33%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 97 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2006-0749

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2006-0749

CWE-399

Assigned by: nvd@nist.gov (Primary)

References for CVE-2006-0749

http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm

ASA-2006-205 (SUN 102502, 102513, 102514, 102519, 102550, 102556, 102557, 102582, 102588, 102589, 102593)
Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/archive/1/434524/100/0/threaded

CVEs referencing this url
http://secunia.com/advisories/19821

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/19759

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
http://www.zerodayinitiative.com/advisories/ZDI-06-009.html

ZDI-06-009 | Zero Day Initiative
Third Party Advisory;VDB Entry
http://secunia.com/advisories/19862

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
http://www.novell.com/linux/security/advisories/2006_04_25.html

404 Page Not Found | SUSE
Broken Link

CVEs referencing this url
http://www.kb.cert.org/vuls/id/736934

VU#736934 - Mozilla products vulnerable to memory corruption via a particular sequence of HTML tags
Third Party Advisory;US Government Resource
http://secunia.com/advisories/19811

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/19823

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
https://usn.ubuntu.com/271-1/

404: Page not found | Ubuntu

CVEs referencing this url
http://www.redhat.com/support/errata/RHSA-2006-0330.html

Support
Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/archive/1/431126/100/0/threaded
http://www.debian.org/security/2006/dsa-1051

[SECURITY] [DSA 1051-1] New Mozilla Thunderbird packages fix several vulnerabilities
Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/19631

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/19729

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/19852

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/21033

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html

[SECURITY] Fedora Core 5 Update: firefox-1.5.0.2-1.1.fc5
Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/19714

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/19794

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11704

404 Not Found
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml

Mozilla Firefox: Multiple vulnerabilities (GLSA 200604-12) — Gentoo security
Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/19863

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html

[SECURITY] Fedora Core 4 Update: firefox-1.0.8-1.1.fc4
Third Party Advisory

CVEs referencing this url
http://www.redhat.com/support/errata/RHSA-2006-0329.html

Support
Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/archive/1/438730/100/0/threaded

CVEs referencing this url
http://secunia.com/advisories/19696

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
http://www.mandriva.com/security/advisories?name=MDKSA-2006:078

Mandriva
Third Party Advisory

CVEs referencing this url
http://www.mozilla.org/security/announce/2006/mfsa2006-18.html

Mozilla Firefox Tag Order Vulnerability — Mozilla
Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml

Mozilla Thunderbird: Multiple vulnerabilities (GLSA 200605-09) — Gentoo security
Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/19746

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
http://www.vupen.com/english/advisories/2006/1356

Site en construction
Permissions Required;Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/19950

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt

Third Party Advisory

CVEs referencing this url
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1

Broken Link

CVEs referencing this url
http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1

Broken Link

CVEs referencing this url
http://www.mandriva.com/security/advisories?name=MDKSA-2006:076

Mandriva
Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/19941

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/archive/1/436296/100/0/threaded

CVEs referencing this url
http://www.us-cert.gov/cas/techalerts/TA06-107A.html

Page Not Found | CISA
Third Party Advisory;US Government Resource

CVEs referencing this url
http://secunia.com/advisories/20051

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1848

404 Not Found
Third Party Advisory
http://www.debian.org/security/2006/dsa-1046

[SECURITY] [DSA 1046-1] New Mozilla packages fix several vulnerabilities
Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/19721

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/21622

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html

Object not found!
Broken Link

CVEs referencing this url
http://secunia.com/advisories/19780

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc

Broken Link

CVEs referencing this url
https://usn.ubuntu.com/276-1/

404: Page not found | Ubuntu

CVEs referencing this url
http://www.securityfocus.com/bid/17516

Third Party Advisory;VDB Entry

CVEs referencing this url
http://www.securityfocus.com/archive/1/436338/100/0/threaded

CVEs referencing this url
https://usn.ubuntu.com/275-1/

404: Page not found | Ubuntu

CVEs referencing this url
http://securityreason.com/securityalert/729

Mozilla Firefox Tag Parsing Code Execution Vulnerability - CXSecurity.com
Third Party Advisory
http://www.vupen.com/english/advisories/2006/3391

Site en construction
Permissions Required;Third Party Advisory

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/25819

Multiple Mozilla products nsHTMLContentSink.cpp memory corruption CVE-2006-0749 Vulnerability Report
Third Party Advisory;VDB Entry
http://www.redhat.com/support/errata/RHSA-2006-0328.html

Support
Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/19902

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
http://www.mandriva.com/security/advisories?name=MDKSA-2006:075

Mandriva
Third Party Advisory

CVEs referencing this url
http://www.debian.org/security/2006/dsa-1044

[SECURITY] [DSA 1044-1] New Mozilla Firefox packages fix several vulnerabilities
Third Party Advisory

CVEs referencing this url
http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml

Mozilla Suite: Multiple vulnerabilities (GLSA 200604-18) — Gentoo security
Third Party Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2006-0749

Products affected by CVE-2006-0749

Exploit prediction scoring system (EPSS) score for CVE-2006-0749

CVSS scores for CVE-2006-0749

CWE ids for CVE-2006-0749

References for CVE-2006-0749