Vulnerability Name: | CVE-2006-1790 (CCN-25809) | ||||||||||||||||||||||||||||||||||||||||
Assigned: | 2006-04-14 | ||||||||||||||||||||||||||||||||||||||||
Published: | 2006-04-14 | ||||||||||||||||||||||||||||||||||||||||
Updated: | 2018-10-18 | ||||||||||||||||||||||||||||||||||||||||
Summary: | A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption. | ||||||||||||||||||||||||||||||||||||||||
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||||||||||||||||||||||||||||||
CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||||||||||||||||||||||||||||||||||
Vulnerability Type: | CWE-399 | ||||||||||||||||||||||||||||||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||||||||||||||||||||||||||||||
References: | Source: SCO Type: UNKNOWN SCOSA-2006.26 Source: SGI Type: UNKNOWN 20060404-01-U Source: MITRE Type: CNA CVE-2006-1790 Source: SUSE Type: UNKNOWN SUSE-SA:2006:021 Source: CCN Type: RHSA-2006-0328 firefox security update Source: CCN Type: RHSA-2006-0329 mozilla security update Source: CCN Type: RHSA-2006-0330 thunderbird security update Source: CCN Type: SA19631 Firefox Multiple Vulnerabilities Source: SECUNIA Type: Vendor Advisory 19631 Source: SECUNIA Type: UNKNOWN 19714 Source: SECUNIA Type: UNKNOWN 19721 Source: SECUNIA Type: UNKNOWN 19729 Source: SECUNIA Type: UNKNOWN 19746 Source: SECUNIA Type: Vendor Advisory 19759 Source: SECUNIA Type: UNKNOWN 19780 Source: SECUNIA Type: Vendor Advisory 19794 Source: SECUNIA Type: Vendor Advisory 19811 Source: SECUNIA Type: Vendor Advisory 19852 Source: SECUNIA Type: Vendor Advisory 19862 Source: SECUNIA Type: UNKNOWN 19863 Source: SECUNIA Type: UNKNOWN 19902 Source: SECUNIA Type: UNKNOWN 19941 Source: SECUNIA Type: UNKNOWN 19950 Source: SECUNIA Type: UNKNOWN 20051 Source: SECUNIA Type: UNKNOWN 21033 Source: SECUNIA Type: UNKNOWN 21622 Source: CCN Type: Sun Alert ID: 102550 Multiple Security Vulnerabilites in Mozilla 1.4 and 1.7 for Solaris and for Sun JDS for Linux Source: SUNALERT Type: UNKNOWN 102550 Source: SUNALERT Type: UNKNOWN 228526 Source: CONFIRM Type: UNKNOWN http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm Source: DEBIAN Type: UNKNOWN DSA-1044 Source: DEBIAN Type: UNKNOWN DSA-1046 Source: DEBIAN Type: UNKNOWN DSA-1051 Source: DEBIAN Type: DSA-1044 mozilla-firefox -- several vulnerabilities Source: DEBIAN Type: DSA-1046 mozilla -- several vulnerabilities Source: DEBIAN Type: DSA-1051 mozilla-thunderbird -- several vulnerabilities Source: CCN Type: GLSA-200604-12 Mozilla Firefox: Multiple vulnerabilities Source: GENTOO Type: UNKNOWN GLSA-200604-12 Source: CCN Type: GLSA-200604-18 Mozilla Suite: Multiple vulnerabilities Source: GENTOO Type: UNKNOWN GLSA-200604-18 Source: CCN Type: GLSA-200605-09 Mozilla Thunderbird: Multiple vulnerabilities Source: GENTOO Type: UNKNOWN GLSA-200605-09 Source: MANDRIVA Type: UNKNOWN MDKSA-2006:075 Source: MANDRIVA Type: UNKNOWN MDKSA-2006:076 Source: CCN Type: Mozilla Web site Firefox - Rediscover the Web Source: CCN Type: MFSA 2006-11 Crashes with evidence of memory corruption Source: CONFIRM Type: Vendor Advisory http://www.mozilla.org/security/announce/2006/mfsa2006-11.html Source: FEDORA Type: UNKNOWN FEDORA-2006-410 Source: FEDORA Type: UNKNOWN FEDORA-2006-411 Source: REDHAT Type: UNKNOWN RHSA-2006:0328 Source: REDHAT Type: UNKNOWN RHSA-2006:0329 Source: REDHAT Type: UNKNOWN RHSA-2006:0330 Source: FEDORA Type: UNKNOWN FLSA:189137-1 Source: FEDORA Type: UNKNOWN FLSA:189137-2 Source: HP Type: UNKNOWN HPSBUX02122 Source: BID Type: UNKNOWN 17516 Source: CCN Type: BID-17516 Mozilla Suite, Firefox, SeaMonkey, and Thunderbird Multiple Remote Vulnerabilities Source: CCN Type: USN-271-1 Firefox vulnerabilities Source: CCN Type: USN-275-1 Mozilla vulnerabilities Source: CCN Type: USN-276-1 Thunderbird vulnerabilities Source: VUPEN Type: UNKNOWN ADV-2006-1356 Source: XF Type: UNKNOWN mozilla-installtrigger-memory-corruption(25809) Source: XF Type: UNKNOWN mozilla-installtrigger-memory-corruption(25809) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:11202 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1266 Source: UBUNTU Type: UNKNOWN USN-271-1 Source: UBUNTU Type: UNKNOWN USN-275-1 Source: UBUNTU Type: UNKNOWN USN-276-1 Source: SUSE Type: SUSE-SA:2006:021 Mozilla Firefox and Mozilla suite various security problems | ||||||||||||||||||||||||||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration RedHat 4: Configuration RedHat 5: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||
BACK |