Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2006-0297 | First vendor Publication | 2006-02-02 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:H/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 5.1 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | High |
| Cvss Expoit Score | 4.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the (1) EscapeAttributeValue in jsxml.c for E4X, (2) nsSVGCairoSurface::Init in SVG, and (3) nsCanvasRenderingContext2D.cpp in Canvas. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0297 |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:1339 | |||
| Oval ID: | oval:org.mitre.oval:def:1339 | ||
| Title: | Mozilla Integer overflows in E4X, SVG, and Canvas Features | ||
| Description: | Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the (1) EscapeAttributeValue in jsxml.c for E4X, (2) nsSVGCairoSurface::Init in SVG, and (3) nsCanvasRenderingContext2D.cpp in Canvas. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2006-0297 | Version: | 4 |
| Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 2 | |
| Application | 2 | |
| Application | 1 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2009-05-05 | Name : HP-UX Update for Thunderbird HPSBUX02156 File : nvt/gb_hp_ux_HPSBUX02156.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 22897 | Mozilla Multiple Products E4X Feature Overflow |
| 22896 | Mozilla Multiple Products SVG Feature Overflow |
| 22895 | Mozilla Multiple Products Canvas Feature Overflow |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2017-09-26 | Mozilla Firefox JSXML integer overflow attempt RuleID : 44147 - Revision : 3 - Type : BROWSER-FIREFOX |
| 2017-09-26 | Mozilla Firefox JSXML integer overflow attempt RuleID : 44146 - Revision : 3 - Type : BROWSER-FIREFOX |
| 2014-01-10 | Mozilla products EscapeAttributeValue integer overflow attempt RuleID : 18250 - Revision : 5 - Type : BROWSER-FIREFOX |
| 2014-01-10 | Mozilla products graphics and XML features integer overflows attempt RuleID : 16037 - Revision : 12 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2007-02-18 | Name : The remote host is missing Sun Security Patch number 120671-08 File : solaris8_120671.nasl - Type : ACT_GATHER_INFO |
| 2007-02-18 | Name : The remote host is missing Sun Security Patch number 120671-08 File : solaris9_120671.nasl - Type : ACT_GATHER_INFO |
| 2006-12-06 | Name : The remote host is missing Sun Security Patch number 120672-08 File : solaris8_x86_120672.nasl - Type : ACT_GATHER_INFO |
| 2006-12-06 | Name : The remote host is missing Sun Security Patch number 120672-08 File : solaris9_x86_120672.nasl - Type : ACT_GATHER_INFO |
| 2006-11-06 | Name : The remote host is missing Sun Security Patch number 119115-36 File : solaris10_119115.nasl - Type : ACT_GATHER_INFO |
| 2006-11-06 | Name : The remote host is missing Sun Security Patch number 119116-35 File : solaris10_x86_119116.nasl - Type : ACT_GATHER_INFO |
| 2006-02-05 | Name : A web browser on the remote host is prone to multiple flaws. File : seamonkey_10.nasl - Type : ACT_GATHER_INFO |
| 2006-02-04 | Name : A web browser on the remote host is prone to multiple flaws. File : mozilla_firefox_1501.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:21:05 |
|
| 2024-11-28 12:08:14 |
|
| 2024-08-02 12:04:03 |
|
| 2024-08-02 01:01:50 |
|
| 2024-02-02 01:03:47 |
|
| 2024-02-01 12:01:50 |
|
| 2023-09-05 12:03:33 |
|
| 2023-09-05 01:01:41 |
|
| 2023-09-02 12:03:36 |
|
| 2023-09-02 01:01:42 |
|
| 2023-08-12 12:04:11 |
|
| 2023-08-12 01:01:42 |
|
| 2023-08-11 12:03:40 |
|
| 2023-08-11 01:01:44 |
|
| 2023-08-06 12:03:27 |
|
| 2023-08-06 01:01:43 |
|
| 2023-08-04 12:03:31 |
|
| 2023-08-04 01:01:45 |
|
| 2023-07-14 12:03:31 |
|
| 2023-07-14 01:01:44 |
|
| 2023-03-29 01:03:41 |
|
| 2023-03-28 12:01:48 |
|
| 2022-10-11 12:03:07 |
|
| 2022-10-11 01:01:35 |
|
| 2021-05-04 12:03:38 |
|
| 2021-04-22 01:04:08 |
|
| 2020-05-23 00:17:20 |
|
| 2019-06-25 12:01:20 |
|
| 2019-03-18 12:01:13 |
|
| 2018-10-19 21:19:44 |
|
| 2017-10-11 09:23:37 |
|
| 2017-07-20 09:23:18 |
|
| 2016-04-26 14:13:52 |
|
| 2014-02-17 10:34:25 |
|
| 2014-01-19 21:23:07 |
|
| 2013-05-11 10:47:38 |
|
