Vulnerability Details : CVE-2006-6498
Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, SeaMonkey before 1.0.7, and Mozilla 1.7 and probably earlier on Solaris, allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown impact and attack vectors.
Vulnerability category: Memory CorruptionExecute codeDenial of service
Products affected by CVE-2006-6498
- cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-6498
78.02%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-6498
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
References for CVE-2006-6498
-
http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml
SeaMonkey: Multiple vulnerabilities (GLSA 200701-04) — Gentoo security
-
http://securitytracker.com/id?1017406
GoDaddy Domain Name Search
-
http://www.novell.com/linux/security/advisories/2007_06_mozilla.html
404 Page Not Found | SUSE
-
http://www.debian.org/security/2007/dsa-1258
Debian -- Security Information -- DSA-1258-1 mozilla-thunderbird
-
http://www.us-cert.gov/cas/techalerts/TA06-354A.html
Page Not Found | CISAUS Government Resource
-
http://fedoranews.org/cms/node/2297
404 Not Found
-
http://www.novell.com/linux/security/advisories/2006_80_mozilla.html
404 Page Not Found | SUSE
-
http://www.vupen.com/english/advisories/2008/0083
Webmail: access your OVH emails on ovhcloud.com | OVHcloud
-
http://www.mozilla.org/security/announce/2006/mfsa2006-68.html
Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1) — Mozilla
-
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102955-1
-
http://www.securityfocus.com/archive/1/455145/100/0/threaded
-
http://www.kb.cert.org/vuls/id/427972
VU#427972 - Mozilla denial of service vulnerabilityUS Government Resource
-
http://rhn.redhat.com/errata/RHSA-2006-0759.html
RHSA-2006:0759 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
http://security.gentoo.org/glsa/glsa-200701-02.xml
Mozilla Firefox: Multiple vulnerabilities (GLSA 200701-02) — Gentoo security
-
http://www.debian.org/security/2007/dsa-1253
Debian -- Security Information -- DSA-1253-1 mozilla-firefox
-
https://issues.rpath.com/browse/RPL-883
-
http://www.ubuntu.com/usn/usn-398-1
USN-398-1: Firefox vulnerabilities | Ubuntu security notices | Ubuntu
-
http://securitytracker.com/id?1017405
GoDaddy Domain Name Search
-
http://rhn.redhat.com/errata/RHSA-2006-0758.html
RHSA-2006:0758 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
http://rhn.redhat.com/errata/RHSA-2006-0760.html
RHSA-2006:0760 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
http://www.ubuntu.com/usn/usn-400-1
USN-400-1: Thunderbird vulnerabilities | Ubuntu security notices | Ubuntu
-
http://www.securityfocus.com/bid/21668
-
ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc
-
http://securitytracker.com/id?1017398
GoDaddy Domain Name Search
-
http://www.kb.cert.org/vuls/id/447772
VU#447772 - Mozilla JavaScript Engine multiple memory corruption vulnerabilitiesUS Government Resource
-
http://www.vupen.com/english/advisories/2006/5068
Webmail: access your OVH emails on ovhcloud.com | OVHcloud
-
http://www.vupen.com/english/advisories/2007/2106
Site en construction
-
http://www.debian.org/security/2007/dsa-1265
Debian -- Security Information -- DSA-1265-1 mozilla
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10661
404 Not Found
-
http://www.ubuntu.com/usn/usn-398-2
USN-398-2: Firefox vulnerabilities | Ubuntu security notices | Ubuntu
-
http://www.securityfocus.com/archive/1/455728/100/200/threaded
-
http://fedoranews.org/cms/node/2338
404 Not Found
Jump to