FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-4566

This CVE name corresponds to:

Entered	Topic
2006-09-15	mozilla -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2006-4566 at cve.mitre.org

Details

Type	Candidate
Name	CVE-2006-4566
Phase	Assigned(20060906)

Description

Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) via a malformed JavaScript regular expression that ends with a backslash in an unterminated character set ("[\\"), which leads to a buffer over-read.

References

Source	Reference
BUGTRAQ	20060915 rPSA-2006-0169-1 firefox thunderbird
CONFIRM	http://www.mozilla.org/security/announce/2006/mfsa2006-57.html
CONFIRM	http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm
CONFIRM	https://issues.rpath.com/browse/RPL-640
DEBIAN	DSA-1191
DEBIAN	DSA-1192
DEBIAN	DSA-1210
GENTOO	GLSA-200609-19
GENTOO	GLSA-200610-01
GENTOO	GLSA-200610-04
HP	HPSBUX02153
HP	SSRT061181
MANDRIVA	MDKSA-2006:168
MANDRIVA	MDKSA-2006:169
REDHAT	RHSA-2006:0676
REDHAT	RHSA-2006:0677
REDHAT	RHSA-2006:0675
SGI	20060901-01-P
SUSE	SUSE-SA:2006:054
UBUNTU	USN-350-1
UBUNTU	USN-351-1
UBUNTU	USN-352-1
UBUNTU	USN-354-1
CERT-VN	VU#141528
BID	20042
OVAL	oval:org.mitre.oval:def:9637
VUPEN	ADV-2006-3617
VUPEN	ADV-2007-1198
VUPEN	ADV-2006-3748
VUPEN	ADV-2008-0083
SECTRACK	1016846
SECTRACK	1016847
SECTRACK	1016848
SECUNIA	21906
SECUNIA	21949
SECUNIA	21915
SECUNIA	21916
SECUNIA	21939
SECUNIA	21940
SECUNIA	21950
SECUNIA	22036
SECUNIA	22001
SECUNIA	22025
SECUNIA	22055
SECUNIA	22074
SECUNIA	22088
SECUNIA	22210
SECUNIA	22247
SECUNIA	22274
SECUNIA	22299
SECUNIA	22391
SECUNIA	22422
SECUNIA	22849
SECUNIA	22056
SECUNIA	22195
SECUNIA	24711
SECUNIA	22066
XF	mozilla-backslash-dos(28958)