Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1273


Vulnerability Score 7.8 7.8
CVE Id CVE-2006-1273
Last Modified 15 Nov 2008 12:00:00
Published 19 Mar 2006 06:06:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



** DISPUTED ** Mozilla Firefox 1.0.7 and allows remote attackers to cause a denial of service (crash) via an HTML tag with a large number of script action handlers such as onload and onmouseover, which triggers the crash when the user views the page source. NOTE: Red Hat has disputed this issue, suggesting that "It is likely the reporter was running the IE Tab extension," and Mozilla also confirmed that this is not an issue in Firefox itself.

Vulnerable Systems


  • Mozilla Firefox 1.0.7

  • Mozilla Firefox


BUGTRAQ - 20060318 Re: Re: Remote overflow in MSIE script action handlers (mshtml.dll)

BUGTRAQ - 20060317 Re: Re: Remote overflow in MSIE script action handlers (mshtml.dll)


OSVDB - 31833

Last Updated: 27 May 2016 10:42:00