NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2006-0295

Summary	Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the QueryInterface method of the built-in Location and Navigator objects, which leads to memory corruption.
Publication Date	Feb. 3, 2006, 5:06 a.m.
Registration Date	Jan. 29, 2021, 3:30 p.m.
Last Update	Oct. 20, 2018, 12:43 a.m.

CVSS2.0 : MEDIUM
Score	5.1
Vector	AV:N/AC:H/Au:N/C:P/I:P/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	高
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	低
可用性への影響(A)	低
Get all privileges.	いいえ
Get user privileges	はい
Get other privileges	いいえ
User operation required	はい

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:mozilla:firefox:1.5:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0::alpha:::::
cpe:2.3:a:mozilla:seamonkey:1.0:beta::::::
cpe:2.3:a:mozilla:thunderbird:1.5:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	http://secunia.com/advisories/18700	SECUNIA
2	http://secunia.com/advisories/18704	SECUNIA
3	http://secunia.com/advisories/22065	SECUNIA
4	http://securitytracker.com/id?1015570	SECTRACK
5	http://www.kb.cert.org/vuls/id/759273	CERT-VN	US Government Resource
6	http://www.mozilla.org/security/announce/2006/mfsa2006-04.html	CONFIRM
7	http://www.securityfocus.com/archive/1/446657/100/200/threaded	HP
8	http://www.securityfocus.com/bid/16476	BID
9	http://www.us-cert.gov/cas/techalerts/TA06-038A.html	CERT	US Government Resource
10	http://www.vupen.com/english/advisories/2006/0413	VUPEN
11	http://www.vupen.com/english/advisories/2006/3749	VUPEN
12	https://bugzilla.mozilla.org/show_bug.cgi?id=319296	CONFIRM	Patch
13	https://exchange.xforce.ibmcloud.com/vulnerabilities/24433	XF
14	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1562	OVAL

Common Vulnerabilities List