2017-10-16 12:31:07 -04:00
{
2019-03-18 00:50:30 +00:00
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org" ,
"ID" : "CVE-2006-4253" ,
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a" ,
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
} ,
"vendor_name" : "n/a"
}
2017-10-16 12:31:07 -04:00
]
2019-03-18 00:50:30 +00:00
}
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
"value" : "Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads to a concurrency failure that causes structures to be freed incorrectly, as demonstrated by (1) ffoxdie and (2) ffoxdie3. NOTE: it has been reported that Netscape 8.1 and K-Meleon 1.0.1 are also affected by ffoxdie. Mozilla confirmed to CVE that ffoxdie and ffoxdie3 trigger the same underlying vulnerability. NOTE: it was later reported that Firefox 2.0 RC2 and 1.5.0.7 are also affected."
}
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "n/a"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
"name" : "20061017 Flaw in Firefox 2.0 RC2" ,
"refsource" : "BUGTRAQ" ,
"url" : "http://www.securityfocus.com/archive/1/448956/100/100/threaded"
} ,
{
"name" : "20060817 Re: [VulnWatch] Re: Concurrency-related vulnerabilities in browsers - expect problems" ,
"refsource" : "BUGTRAQ" ,
"url" : "http://www.securityfocus.com/archive/1/443500/100/100/threaded"
} ,
{
"name" : "1016847" ,
"refsource" : "SECTRACK" ,
"url" : "http://securitytracker.com/id?1016847"
} ,
{
"name" : "22391" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/22391"
} ,
{
"name" : "ADV-2006-3748" ,
"refsource" : "VUPEN" ,
"url" : "http://www.vupen.com/english/advisories/2006/3748"
} ,
{
"name" : "RHSA-2006:0676" ,
"refsource" : "REDHAT" ,
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0676.html"
} ,
{
"name" : "http://www.mozilla.org/security/announce/2006/mfsa2006-59.html" ,
"refsource" : "CONFIRM" ,
"url" : "http://www.mozilla.org/security/announce/2006/mfsa2006-59.html"
} ,
{
"name" : "http://lcamtuf.coredump.cx/ffoxdie.html" ,
"refsource" : "MISC" ,
"url" : "http://lcamtuf.coredump.cx/ffoxdie.html"
} ,
{
"name" : "22055" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/22055"
} ,
{
"name" : "22195" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/22195"
} ,
{
"name" : "oval:org.mitre.oval:def:9528" ,
"refsource" : "OVAL" ,
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9528"
} ,
{
"name" : "USN-352-1" ,
"refsource" : "UBUNTU" ,
"url" : "http://www.ubuntu.com/usn/usn-352-1"
} ,
{
"name" : "21513" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/21513"
} ,
{
"name" : "21950" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/21950"
} ,
{
"name" : "USN-351-1" ,
"refsource" : "UBUNTU" ,
"url" : "http://www.ubuntu.com/usn/usn-351-1"
} ,
{
"name" : "22025" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/22025"
} ,
{
"name" : "22056" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/22056"
} ,
{
"name" : "MDKSA-2006:168" ,
"refsource" : "MANDRIVA" ,
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:168"
} ,
{
"name" : "20060812 Concurrency-related vulnerabilities in browsers - expect problems" ,
"refsource" : "BUGTRAQ" ,
"url" : "http://www.securityfocus.com/archive/1/443020/100/100/threaded"
} ,
{
"name" : "22210" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/22210"
} ,
{
"name" : "24711" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/24711"
} ,
{
"name" : "GLSA-200610-04" ,
"refsource" : "GENTOO" ,
"url" : "http://security.gentoo.org/glsa/glsa-200610-04.xml"
} ,
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm" ,
"refsource" : "CONFIRM" ,
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm"
} ,
{
"name" : "http://www.pianetapc.it/view.php?id=770" ,
"refsource" : "MISC" ,
"url" : "http://www.pianetapc.it/view.php?id=770"
} ,
{
"name" : "ADV-2008-0083" ,
"refsource" : "VUPEN" ,
"url" : "http://www.vupen.com/english/advisories/2008/0083"
} ,
{
"name" : "20060817 RE: [VulnWatch] Re: Concurrency-related vulnerabilities in browsers - expect problems" ,
"refsource" : "BUGTRAQ" ,
"url" : "http://www.securityfocus.com/archive/1/443528/100/0/threaded"
} ,
{
"name" : "20060901-01-P" ,
"refsource" : "SGI" ,
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc"
} ,
{
"name" : "21939" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/21939"
} ,
{
"name" : "1016848" ,
"refsource" : "SECTRACK" ,
"url" : "http://securitytracker.com/id?1016848"
} ,
{
"name" : "ADV-2006-3617" ,
"refsource" : "VUPEN" ,
"url" : "http://www.vupen.com/english/advisories/2006/3617"
} ,
{
"name" : "21915" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/21915"
} ,
{
"name" : "ADV-2007-1198" ,
"refsource" : "VUPEN" ,
"url" : "http://www.vupen.com/english/advisories/2007/1198"
} ,
{
"name" : "20061006 Re: Concurrency-related vulnerabilities in browsers - expect problems" ,
"refsource" : "BUGTRAQ" ,
"url" : "http://www.securityfocus.com/archive/1/447837/100/200/threaded"
} ,
{
"name" : "RHSA-2006:0677" ,
"refsource" : "REDHAT" ,
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0677.html"
} ,
{
"name" : "GLSA-200609-19" ,
"refsource" : "GENTOO" ,
"url" : "http://security.gentoo.org/glsa/glsa-200609-19.xml"
} ,
{
"name" : "SSRT061181" ,
"refsource" : "HP" ,
"url" : "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742"
} ,
{
"name" : "20061017 Re: Flaw in Firefox 2.0 RC2" ,
"refsource" : "BUGTRAQ" ,
"url" : "http://www.securityfocus.com/archive/1/448984/100/100/threaded"
} ,
{
"name" : "22274" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/22274"
} ,
{
"name" : "RHSA-2006:0675" ,
"refsource" : "REDHAT" ,
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0675.html"
} ,
{
"name" : "21940" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/21940"
} ,
{
"name" : "22001" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/22001"
} ,
{
"name" : "20060915 rPSA-2006-0169-1 firefox thunderbird" ,
"refsource" : "BUGTRAQ" ,
"url" : "http://www.securityfocus.com/archive/1/446140/100/0/threaded"
} ,
{
"name" : "USN-350-1" ,
"refsource" : "UBUNTU" ,
"url" : "http://www.ubuntu.com/usn/usn-350-1"
} ,
{
"name" : "21906" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/21906"
} ,
{
"name" : "HPSBUX02153" ,
"refsource" : "HP" ,
"url" : "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742"
} ,
{
"name" : "20061019 Re: Flaw in Firefox 2.0 RC2" ,
"refsource" : "BUGTRAQ" ,
"url" : "http://www.securityfocus.com/archive/1/449245/100/100/threaded"
} ,
{
"name" : "GLSA-200610-01" ,
"refsource" : "GENTOO" ,
"url" : "http://security.gentoo.org/glsa/glsa-200610-01.xml"
} ,
{
"name" : "22074" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/22074"
} ,
{
"name" : "22066" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/22066"
} ,
{
"name" : "22088" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/22088"
} ,
{
"name" : "20060815 Re: Concurrency-related vulnerabilities in browsers - expect problems" ,
"refsource" : "BUGTRAQ" ,
"url" : "http://www.securityfocus.com/archive/1/443306/100/100/threaded"
} ,
{
"name" : "21949" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/21949"
} ,
{
"name" : "SUSE-SA:2006:054" ,
"refsource" : "SUSE" ,
"url" : "http://www.novell.com/linux/security/advisories/2006_54_mozilla.html"
} ,
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=348514" ,
"refsource" : "CONFIRM" ,
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=348514"
} ,
{
"name" : "19534" ,
"refsource" : "BID" ,
"url" : "http://www.securityfocus.com/bid/19534"
} ,
{
"name" : "https://issues.rpath.com/browse/RPL-640" ,
"refsource" : "CONFIRM" ,
"url" : "https://issues.rpath.com/browse/RPL-640"
} ,
{
"name" : "20061005 Re: Concurrency-related vulnerabilities in browsers - expect problems" ,
"refsource" : "BUGTRAQ" ,
"url" : "http://www.securityfocus.com/archive/1/447840/100/200/threaded"
} ,
{
"name" : "http://lcamtuf.coredump.cx/ffoxdie3.html" ,
"refsource" : "MISC" ,
"url" : "http://lcamtuf.coredump.cx/ffoxdie3.html"
} ,
{
"name" : "20061025 Mozilla Firefox JavaScript Handler Race Condition Memory Corruption Vulnerability" ,
"refsource" : "BUGTRAQ" ,
"url" : "http://www.securityfocus.com/archive/1/449726/100/0/threaded"
} ,
{
"name" : "22036" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/22036"
} ,
{
"name" : "1016846" ,
"refsource" : "SECTRACK" ,
"url" : "http://securitytracker.com/id?1016846"
} ,
{
"name" : "USN-354-1" ,
"refsource" : "UBUNTU" ,
"url" : "http://www.ubuntu.com/usn/usn-354-1"
} ,
{
"name" : "19488" ,
"refsource" : "BID" ,
"url" : "http://www.securityfocus.com/bid/19488"
} ,
{
"name" : "20061023 Flaw in Firefox 2.0 Final" ,
"refsource" : "BUGTRAQ" ,
"url" : "http://www.securityfocus.com/archive/1/449487/100/0/threaded"
} ,
{
"name" : "22422" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/22422"
} ,
{
"name" : "MDKSA-2006:169" ,
"refsource" : "MANDRIVA" ,
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:169"
} ,
{
"name" : "http://www.securiteam.com/securitynews/5VP0M0AJFW.html" ,
"refsource" : "MISC" ,
"url" : "http://www.securiteam.com/securitynews/5VP0M0AJFW.html"
} ,
{
"name" : "21916" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/21916"
}
]
}
}
