The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
22 Dec 2023, 18:49
Type | Values Removed | Values Added |
---|---|---|
References | (SECTRACK) http://securitytracker.com/id?1017398 - Broken Link, Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/24390 - Broken Link, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/23591 - Broken Link, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/23614 - Broken Link, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/24078 - Broken Link, Third Party Advisory | |
References | (VUPEN) http://www.vupen.com/english/advisories/2008/0083 - Broken Link, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/23988 - Broken Link, Third Party Advisory | |
References | (SECTRACK) http://securitytracker.com/id?1017406 - Broken Link, Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/23420 - Broken Link, Third Party Advisory | |
References | (SECTRACK) http://securitytracker.com/id?1017405 - Broken Link, Third Party Advisory, VDB Entry | |
References | (VUPEN) http://www.vupen.com/english/advisories/2007/1124 - Broken Link, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/23545 - Broken Link, Third Party Advisory | |
References | (VUPEN) http://www.vupen.com/english/advisories/2006/5068 - Broken Link, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/23422 - Broken Link, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/23589 - Broken Link, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/23282 - Broken Link, Third Party Advisory | |
References | (GENTOO) http://security.gentoo.org/glsa/glsa-200701-02.xml - Broken Link, Third Party Advisory | |
References | (CERT) http://www.us-cert.gov/cas/techalerts/TA06-354A.html - Broken Link, Third Party Advisory, US Government Resource | |
References | (BID) http://www.securityfocus.com/bid/21668 - Broken Link, Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/23692 - Broken Link, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/23672 - Broken Link, Third Party Advisory | |
CWE | CWE-835 |
Information
Published : 2006-12-20 01:28
Updated : 2024-02-04 17:13
NVD link : CVE-2006-6499
Mitre link : CVE-2006-6499
CVE.ORG link : CVE-2006-6499
JSON object : View
Products Affected
mozilla
- firefox
- seamonkey
- thunderbird
canonical
- ubuntu_linux
debian
- debian_linux
CWE
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')