NVD Vulnerability Detail

CVE-2006-1742

Summary	The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption.
Summary	Fixed in: Firefox 1.5 Firefox 1.0.8 Thunderbird 1.5 Thunderbird 1.0.8 SeaMonkey 1.0 Mozilla Suite 1.7.13
Publication Date	April 14, 2006, 7:02 p.m.
Registration Date	Jan. 29, 2021, 3:35 p.m.
Last Update	Oct. 19, 2018, 1:36 a.m.

CVSS2.0 : MEDIUM
Score	5.0
Vector	AV:N/AC:L/Au:N/C:N/I:P/A:N
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	低
可用性への影響(A)	なし
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:mozilla:firefox:1.0:::::::*
cpe:2.3:a:mozilla:firefox:1.0.1:::::::*
cpe:2.3:a:mozilla:firefox:1.0.2:::::::*
cpe:2.3:a:mozilla:firefox:1.0.3:::::::*
cpe:2.3:a:mozilla:firefox:1.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.0.5:::::::*
cpe:2.3:a:mozilla:firefox:1.0.6:::::::*
cpe:2.3:a:mozilla:firefox::::::::		1.0.7
cpe:2.3:a:mozilla:firefox:1.5:::::::*
cpe:2.3:a:mozilla:firefox:1.5:beta1::::::
cpe:2.3:a:mozilla:firefox:1.5:beta2::::::
cpe:2.3:a:mozilla:mozilla_suite:1.7.6:::::::*
cpe:2.3:a:mozilla:mozilla_suite:1.7.7:::::::*
cpe:2.3:a:mozilla:mozilla_suite:1.7.8:::::::*
cpe:2.3:a:mozilla:mozilla_suite:1.7.10:::::::*
cpe:2.3:a:mozilla:mozilla_suite:1.7.11:::::::*
cpe:2.3:a:mozilla:mozilla_suite::::::::		1.7.12
cpe:2.3:a:mozilla:seamonkey:1.0::alpha:::::
cpe:2.3:a:mozilla:seamonkey::beta::::::*		1.0
cpe:2.3:a:mozilla:thunderbird:1.0:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.5:beta::::::
cpe:2.3:a:mozilla:thunderbird:1.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird::::::::		1.0.7
cpe:2.3:a:mozilla:thunderbird:1.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5:beta2::::::

Related information, measures and tools

No	URL	refsource	タグ
1	ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt	SCO
2	ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc	SGI
3	http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html	SUSE
4	http://secunia.com/advisories/19631	SECUNIA
5	http://secunia.com/advisories/19696	SECUNIA
6	http://secunia.com/advisories/19714	SECUNIA
7	http://secunia.com/advisories/19721	SECUNIA
8	http://secunia.com/advisories/19729	SECUNIA
9	http://secunia.com/advisories/19746	SECUNIA
10	http://secunia.com/advisories/19759	SECUNIA
11	http://secunia.com/advisories/19780	SECUNIA
12	http://secunia.com/advisories/19794	SECUNIA
13	http://secunia.com/advisories/19811	SECUNIA
14	http://secunia.com/advisories/19823	SECUNIA
15	http://secunia.com/advisories/19852	SECUNIA
16	http://secunia.com/advisories/19862	SECUNIA
17	http://secunia.com/advisories/19863	SECUNIA
18	http://secunia.com/advisories/19902	SECUNIA
19	http://secunia.com/advisories/19941	SECUNIA
20	http://secunia.com/advisories/19950	SECUNIA
21	http://secunia.com/advisories/20051	SECUNIA
22	http://secunia.com/advisories/21033	SECUNIA
23	http://secunia.com/advisories/21622	SECUNIA
24	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1	SUNALERT
25	http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1	SUNALERT
26	http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm	CONFIRM
27	http://www.debian.org/security/2006/dsa-1044	DEBIAN
28	http://www.debian.org/security/2006/dsa-1046	DEBIAN
29	http://www.debian.org/security/2006/dsa-1051	DEBIAN
30	http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml	GENTOO
31	http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml	GENTOO
32	http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml	GENTOO
33	http://www.kb.cert.org/vuls/id/492382	CERT-VN	US Government Resource
34	http://www.mandriva.com/security/advisories?name=MDKSA-2006:075	MANDRIVA
35	http://www.mandriva.com/security/advisories?name=MDKSA-2006:076	MANDRIVA
36	http://www.mozilla.org/security/announce/2006/mfsa2006-10.html	CONFIRM
37	http://www.novell.com/linux/security/advisories/2006_04_25.html	SUSE
38	http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html	FEDORA
39	http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html	FEDORA
40	http://www.redhat.com/support/errata/RHSA-2006-0328.html	REDHAT
41	http://www.redhat.com/support/errata/RHSA-2006-0329.html	REDHAT
42	http://www.redhat.com/support/errata/RHSA-2006-0330.html	REDHAT
43	http://www.securityfocus.com/archive/1/436296/100/0/threaded	FEDORA
44	http://www.securityfocus.com/archive/1/436338/100/0/threaded	FEDORA
45	http://www.securityfocus.com/archive/1/438730/100/0/threaded	HP
46	http://www.vupen.com/english/advisories/2006/1356	VUPEN
47	https://exchange.xforce.ibmcloud.com/vulnerabilities/25807	XF
48	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1087	OVAL
49	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11808	OVAL
50	https://usn.ubuntu.com/271-1/	UBUNTU
51	https://usn.ubuntu.com/275-1/	UBUNTU
52	https://usn.ubuntu.com/276-1/	UBUNTU

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:mozilla:firefox:1.0:::::::*
cpe:2.3:a:mozilla:firefox:1.0.1:::::::*
cpe:2.3:a:mozilla:firefox:1.0.2:::::::*
cpe:2.3:a:mozilla:firefox:1.0.3:::::::*
cpe:2.3:a:mozilla:firefox:1.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.0.5:::::::*
cpe:2.3:a:mozilla:firefox:1.0.6:::::::*
cpe:2.3:a:mozilla:firefox::::::::		1.0.7
cpe:2.3:a:mozilla:firefox:1.5:::::::*
cpe:2.3:a:mozilla:firefox:1.5:beta1::::::
cpe:2.3:a:mozilla:firefox:1.5:beta2::::::
cpe:2.3:a:mozilla:mozilla_suite:1.7.6:::::::*
cpe:2.3:a:mozilla:mozilla_suite:1.7.7:::::::*
cpe:2.3:a:mozilla:mozilla_suite:1.7.8:::::::*
cpe:2.3:a:mozilla:mozilla_suite:1.7.10:::::::*
cpe:2.3:a:mozilla:mozilla_suite:1.7.11:::::::*
cpe:2.3:a:mozilla:mozilla_suite::::::::		1.7.12
cpe:2.3:a:mozilla:seamonkey:1.0::alpha:::::
cpe:2.3:a:mozilla:seamonkey::beta::::::*		1.0
cpe:2.3:a:mozilla:thunderbird:1.0:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.5:beta::::::
cpe:2.3:a:mozilla:thunderbird:1.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird::::::::		1.0.7
cpe:2.3:a:mozilla:thunderbird:1.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5:beta2::::::