Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2788

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-2788
Last Modified 21 Aug 2010 12:48:17
Published 02 Jun 2006 05:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2788

Summary

Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via certain Javascript code.

Vulnerable Systems

Application

  • Mozilla Firefox 0.10

  • Mozilla Firefox 0.10.1

  • Mozilla Firefox 0.8

  • Mozilla Firefox 0.9

  • Mozilla Firefox 0.9.1

  • Mozilla Firefox 0.9.2

  • Mozilla Firefox 0.9.3

  • Mozilla Firefox 1.0

  • Mozilla Firefox 1.0.1

  • Mozilla Firefox 1.0.2

  • Mozilla Firefox 1.0.3

  • Mozilla Firefox 1.0.4

  • Mozilla Firefox 1.0.5

  • Mozilla Firefox 1.0.6

  • Mozilla Firefox 1.0.7

  • Mozilla Firefox 1.5

  • Mozilla Firefox 1.5.0.1

  • Mozilla Firefox 1.5.0.2

  • Mozilla Firefox 1.5.0.3

  • Mozilla Firefox Preview Release


References

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=321598

DEBIAN - DSA-1191

UBUNTU - USN-296-1

UBUNTU - USN-361-1

REDHAT - RHSA-2006:0611

REDHAT - RHSA-2006:0610

REDHAT - RHSA-2006:0594

REDHAT - RHSA-2006:0578

MANDRIVA - MDKSA-2006:145

MANDRIVA - MDKSA-2006:143

DEBIAN - DSA-1210

DEBIAN - DSA-1192

SECUNIA - 22849

SECUNIA - 22342

SECUNIA - 22299

SECUNIA - 22247

SECUNIA - 21631

SECUNIA - 21532

SECUNIA - 21336

SECUNIA - 21270

SECUNIA - 21269

REDHAT - RHSA-2006:0609


Last Updated: 27 May 2016 10:42:46