National Vulnerability Database (NVD) National Vulnerability Database (CVE-2006-0748)

National Cyber Awareness System

Vulnerability Summary for CVE-2006-0748

Original release date:04/14/2006

Last revised:03/08/2011

Source: US-CERT/NIST

Overview

Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that results in a negative array index.

Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score:9.3 (HIGH) (AV:N/AC:M/Au:N/C:C/I:C/A:C) (legend)

Impact Subscore: 10.0

Exploitability Subscore: 8.6

CVSS Version 2 Metrics:

Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism

Access Complexity: Medium

Authentication: Not required to exploit

Impact Type:Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

Solution

This vulnerability also affects Mozilla Suite before 1.7.13}

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: XF

Name: mozilla-table-rebuilding-code-execution(25985)

Hyperlink:http://xforce.iss.net/xforce/xfdb/25985

External Source: MISC

Name: http://www.zerodayinitiative.com/advisories/ZDI-06-011/

Hyperlink:http://www.zerodayinitiative.com/advisories/ZDI-06-011/

External Source: VUPEN

Name: ADV-2008-0083

Hyperlink:http://www.vupen.com/english/advisories/2008/0083

External Source: VUPEN

Name: ADV-2006-3749

Hyperlink:http://www.vupen.com/english/advisories/2006/3749

External Source: VUPEN

Name: ADV-2006-3748

Hyperlink:http://www.vupen.com/english/advisories/2006/3748

External Source: VUPEN

Name: ADV-2006-3391

Hyperlink:http://www.vupen.com/english/advisories/2006/3391

External Source: VUPEN

Name: ADV-2006-1356

Hyperlink:http://www.vupen.com/english/advisories/2006/1356

External Source: UBUNTU

Name: USN-276-1

Hyperlink:http://www.ubuntulinux.org/support/documentation/usn/usn-276-1

External Source: UBUNTU

Name: USN-275-1

Hyperlink:http://www.ubuntulinux.org/support/documentation/usn/usn-275-1

External Source: BID

Name: 17516

Hyperlink:http://www.securityfocus.com/bid/17516

External Source: HP

Name: SSRT061181

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/446658/100/200/threaded

External Source: HP

Name: SSRT061181

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/446658/100/200/threaded

External Source: HP

Name: SSRT061236

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/446657/100/200/threaded

External Source: HP

Name: SSRT061236

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/446657/100/200/threaded

External Source: HP

Name: HPSBUX02122

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/438730/100/0/threaded

External Source: HP

Name: HPSBUX02122

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/438730/100/0/threaded

External Source: FEDORA

Name: FLSA:189137-2

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/436338/100/0/threaded

External Source: FEDORA

Name: FLSA:189137-1

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/436296/100/0/threaded

External Source: BUGTRAQ

Name: 20060426 ZDI-06-011: Mozilla Firefox Table Rebuilding Code Execution Vulnerability

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/432103/100/0/threaded

External Source: REDHAT

Name: RHSA-2006:0330

Hyperlink:http://www.redhat.com/support/errata/RHSA-2006-0330.html

External Source: REDHAT

Name: RHSA-2006:0329

Hyperlink:http://www.redhat.com/support/errata/RHSA-2006-0329.html

External Source: SUSE

Name: SUSE-SA:2006:004

Hyperlink:http://www.novell.com/linux/security/advisories/2006_04_25.html

External Source: SUSE

Name: SUSE-SA:2006:004

Hyperlink:http://www.novell.com/linux/security/advisories/2006_04_25.html

External Source: MANDRIVA

Name: MDKSA-2006:078

Hyperlink:http://www.mandriva.com/security/advisories?name=MDKSA-2006:078

External Source: MANDRIVA

Name: MDKSA-2006:076

Hyperlink:http://www.mandriva.com/security/advisories?name=MDKSA-2006:076

External Source: MANDRIVA

Name: MDKSA-2006:075

Hyperlink:http://www.mandriva.com/security/advisories?name=MDKSA-2006:075

External Source: GENTOO

Name: GLSA-200605-09

Hyperlink:http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml

External Source: GENTOO

Name: GLSA-200604-18

Hyperlink:http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml

External Source: GENTOO

Name: GLSA-200604-12

Hyperlink:http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml

External Source: DEBIAN

Name: DSA-1051

Hyperlink:http://www.debian.org/security/2006/dsa-1051

External Source: DEBIAN

Name: DSA-1046

Hyperlink:http://www.debian.org/security/2006/dsa-1046

External Source: DEBIAN

Name: DSA-1044

Hyperlink:http://www.debian.org/security/2006/dsa-1044

External Source: CONFIRM

Name: http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm

Hyperlink:http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm

External Source: SUNALERT

Name: 228526

Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1

External Source: SUNALERT

Name: 102550

Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1

External Source: SECUNIA

Name: 22065

Hyperlink:http://secunia.com/advisories/22065

External Source: SECUNIA

Name: 21622

Hyperlink:http://secunia.com/advisories/21622

External Source: SECUNIA

Name: 21033

Hyperlink:http://secunia.com/advisories/21033

External Source: SECUNIA

Name: 20051

Hyperlink:http://secunia.com/advisories/20051

External Source: SECUNIA

Name: 19950

Hyperlink:http://secunia.com/advisories/19950

External Source: SECUNIA

Name: 19941

Hyperlink:http://secunia.com/advisories/19941

External Source: SECUNIA

Name: 19902

Hyperlink:http://secunia.com/advisories/19902

External Source: SECUNIA

Name: 19863

Hyperlink:http://secunia.com/advisories/19863

External Source: SECUNIA

Name: 19862

Hyperlink:http://secunia.com/advisories/19862

External Source: SECUNIA

Name: 19852

Hyperlink:http://secunia.com/advisories/19852

External Source: SECUNIA

Name: 19823

Hyperlink:http://secunia.com/advisories/19823

External Source: SECUNIA

Name: 19821

Hyperlink:http://secunia.com/advisories/19821

External Source: SECUNIA

Name: 19811

Hyperlink:http://secunia.com/advisories/19811

External Source: SECUNIA

Name: 19794

Hyperlink:http://secunia.com/advisories/19794

External Source: SECUNIA

Name: 19759

Hyperlink:http://secunia.com/advisories/19759

External Source: OVAL

Name: oval:org.mitre.oval:def:11164

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11164

External Source: SGI

Name: 20060404-01-U

Hyperlink:ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc

External Source: SCO

Name: SCOSA-2006.26

Hyperlink:ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt

External Source: SECUNIA

Name: 22066

Hyperlink:http://secunia.com/advisories/22066

US Government Resource: oval:org.mitre.oval:def:1189

Name: oval:org.mitre.oval:def:1189

Type: Tool Signature

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1189

References to Check Content

Identifier:oval:org.mitre.oval:def:1189

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:1189

Identifier:oval:org.mitre.oval:def:11164

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:11164

Vulnerable software and versions

Configuration 1

* cpe:/a:mozilla:firefox:1.0

* cpe:/a:mozilla:firefox:1.0.1

* cpe:/a:mozilla:firefox:1.0.2

* cpe:/a:mozilla:firefox:1.0.3

* cpe:/a:mozilla:firefox:1.0.4

* cpe:/a:mozilla:firefox:1.0.5

* cpe:/a:mozilla:firefox:1.0.6

* cpe:/a:mozilla:firefox:1.0.7

* cpe:/a:mozilla:firefox:1.5

* cpe:/a:mozilla:firefox:1.5.0.1

* cpe:/a:mozilla:firefox:1.5:beta1

* cpe:/a:mozilla:firefox:1.5:beta2

* cpe:/a:mozilla:firefox:preview_release

* cpe:/a:mozilla:seamonkey:1.0::alpha

* cpe:/a:mozilla:seamonkey:1.0:beta

* cpe:/a:mozilla:thunderbird:1.0

* cpe:/a:mozilla:thunderbird:1.0.1

* cpe:/a:mozilla:thunderbird:1.0.2

* cpe:/a:mozilla:thunderbird:1.0.3

* cpe:/a:mozilla:thunderbird:1.0.4

* cpe:/a:mozilla:thunderbird:1.0.5

* cpe:/a:mozilla:thunderbird:1.0.5:beta

* cpe:/a:mozilla:thunderbird:1.0.6

* cpe:/a:mozilla:thunderbird:1.0.7

* cpe:/a:mozilla:thunderbird:1.5

* cpe:/a:mozilla:thunderbird:1.5.0.1

* cpe:/a:mozilla:thunderbird:1.5:beta2

* Denotes Vulnerable Software

Technical Details

Vulnerability Type (View All)

Resource Management Errors (CWE-399)

CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0748