Vulnerability Details : CVE-2006-1742
The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption.
Vulnerability category: Memory Corruption
Exploit prediction scoring system (EPSS) score for CVE-2006-1742
Probability of exploitation activity in the next 30 days: 7.67%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 93 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2006-1742
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST |
References for CVE-2006-1742
- http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
-
http://www.novell.com/linux/security/advisories/2006_04_25.html
404 Page Not Found | SUSE
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/25807
- https://usn.ubuntu.com/271-1/
- http://www.redhat.com/support/errata/RHSA-2006-0330.html
- http://www.debian.org/security/2006/dsa-1051
-
http://www.mozilla.org/security/announce/2006/mfsa2006-10.html
- http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
- http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
- http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
- http://www.redhat.com/support/errata/RHSA-2006-0329.html
- http://www.securityfocus.com/archive/1/438730/100/0/threaded
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1087
-
http://www.kb.cert.org/vuls/id/492382
US Government Resource
- http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
- http://www.vupen.com/english/advisories/2006/1356
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
- http://www.securityfocus.com/archive/1/436296/100/0/threaded
- http://www.debian.org/security/2006/dsa-1046
- http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
- ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
- https://usn.ubuntu.com/276-1/
- http://www.securityfocus.com/archive/1/436338/100/0/threaded
- https://usn.ubuntu.com/275-1/
- http://www.redhat.com/support/errata/RHSA-2006-0328.html
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:075
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11808
- http://www.debian.org/security/2006/dsa-1044
- http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
Products affected by CVE-2006-1742
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:*:beta:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*