NVD脆弱性詳細

CVE-2006-6498

概要	Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, SeaMonkey before 1.0.7, and Mozilla 1.7 and probably earlier on Solaris, allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown impact and attack vectors.
公表日	2006年12月20日10:28
登録日	2021年1月29日15:51
最終更新日	2018年10月18日6:48

CVSS2.0 : MEDIUM
スコア	6.8
ベクター	AV:N/AC:M/Au:N/C:P/I:P/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	中
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	低
可用性への影響(A)	低
全ての特権を取得	いいえ
ユーザー権限を取得	いいえ
その他の権限を取得	はい
ユーザー操作が必要	はい

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:mozilla:firefox:1.5:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.1:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.2:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.3:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.5:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.6:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.7:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.8:::::::*
cpe:2.3:a:mozilla:firefox:2.0:::::::*
cpe:2.3:a:mozilla:mozilla:1.7:::::::*

構成2	以上	以下	より上	未満
cpe:2.3:a:mozilla:thunderbird:0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7.1:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7.2:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7.3:::::::*
cpe:2.3:a:mozilla:thunderbird:0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.8:::::::*

構成3	以上	以下	より上	未満
cpe:2.3:a:mozilla:seamonkey:1.0:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.6:::::::*

関連情報、対策とツール

No	URL	refsource	タグ
1	ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc	SGI
2	http://fedoranews.org/cms/node/2297	FEDORA
3	http://fedoranews.org/cms/node/2338	FEDORA
4	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742	HP
5	http://rhn.redhat.com/errata/RHSA-2006-0758.html	REDHAT	Vendor Advisory
6	http://rhn.redhat.com/errata/RHSA-2006-0759.html	REDHAT	Vendor Advisory
7	http://rhn.redhat.com/errata/RHSA-2006-0760.html	REDHAT	Vendor Advisory
8	http://secunia.com/advisories/23282	SECUNIA	Vendor Advisory
9	http://secunia.com/advisories/23420	SECUNIA	Vendor Advisory
10	http://secunia.com/advisories/23422	SECUNIA	Vendor Advisory
11	http://secunia.com/advisories/23433	SECUNIA	Vendor Advisory
12	http://secunia.com/advisories/23439	SECUNIA	Vendor Advisory
13	http://secunia.com/advisories/23440	SECUNIA	Vendor Advisory
14	http://secunia.com/advisories/23468	SECUNIA	Vendor Advisory
15	http://secunia.com/advisories/23514	SECUNIA	Vendor Advisory
16	http://secunia.com/advisories/23545	SECUNIA	Vendor Advisory
17	http://secunia.com/advisories/23589	SECUNIA	Vendor Advisory
18	http://secunia.com/advisories/23591	SECUNIA	Vendor Advisory
19	http://secunia.com/advisories/23601	SECUNIA	Vendor Advisory
20	http://secunia.com/advisories/23614	SECUNIA	Vendor Advisory
21	http://secunia.com/advisories/23618	SECUNIA	Vendor Advisory
22	http://secunia.com/advisories/23672	SECUNIA	Vendor Advisory
23	http://secunia.com/advisories/23692	SECUNIA	Vendor Advisory
24	http://secunia.com/advisories/23988	SECUNIA	Vendor Advisory
25	http://secunia.com/advisories/24078	SECUNIA	Vendor Advisory
26	http://secunia.com/advisories/24390	SECUNIA	Vendor Advisory
27	http://secunia.com/advisories/25556	SECUNIA	Vendor Advisory
28	http://security.gentoo.org/glsa/glsa-200701-02.xml	GENTOO
29	http://securitytracker.com/id?1017398	SECTRACK
30	http://securitytracker.com/id?1017405	SECTRACK
31	http://securitytracker.com/id?1017406	SECTRACK
32	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102955-1	SUNALERT
33	http://www.debian.org/security/2007/dsa-1253	DEBIAN
34	http://www.debian.org/security/2007/dsa-1258	DEBIAN
35	http://www.debian.org/security/2007/dsa-1265	DEBIAN
36	http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml	GENTOO
37	http://www.kb.cert.org/vuls/id/427972	CERT-VN	US Government Resource
38	http://www.kb.cert.org/vuls/id/447772	CERT-VN	US Government Resource
39	http://www.mozilla.org/security/announce/2006/mfsa2006-68.html	CONFIRM
40	http://www.novell.com/linux/security/advisories/2006_80_mozilla.html	SUSE
41	http://www.novell.com/linux/security/advisories/2007_06_mozilla.html	SUSE
42	http://www.securityfocus.com/archive/1/455145/100/0/threaded	BUGTRAQ
43	http://www.securityfocus.com/archive/1/455728/100/200/threaded	BUGTRAQ
44	http://www.securityfocus.com/bid/21668	BID
45	http://www.ubuntu.com/usn/usn-398-1	UBUNTU
46	http://www.ubuntu.com/usn/usn-398-2	UBUNTU
47	http://www.ubuntu.com/usn/usn-400-1	UBUNTU
48	http://www.us-cert.gov/cas/techalerts/TA06-354A.html	CERT	US Government Resource
49	http://www.vupen.com/english/advisories/2006/5068	VUPEN
50	http://www.vupen.com/english/advisories/2007/2106	VUPEN
51	http://www.vupen.com/english/advisories/2008/0083	VUPEN
52	https://issues.rpath.com/browse/RPL-883	CONFIRM
53	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10661	OVAL

共通脆弱性一覧

構成1	以上	以下	より上	未満
cpe:2.3:a:mozilla:firefox:1.5:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.1:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.2:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.3:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.5:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.6:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.7:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.8:::::::*
cpe:2.3:a:mozilla:firefox:2.0:::::::*
cpe:2.3:a:mozilla:mozilla:1.7:::::::*

構成2	以上	以下	より上	未満
cpe:2.3:a:mozilla:thunderbird:0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7.1:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7.2:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7.3:::::::*
cpe:2.3:a:mozilla:thunderbird:0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.8:::::::*

構成3	以上	以下	より上	未満
cpe:2.3:a:mozilla:seamonkey:1.0:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.6:::::::*