Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2006-4566

Disclosure Date: September 15, 2006
CVE-2006-4566
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) via a malformed JavaScript regular expression that ends with a backslash in an unterminated character set (“[\”), which leads to a buffer over-read.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • mozilla

Products

  • firefox,
  • seamonkey,
  • thunderbird

References

Canonical
CVE-2006-4566 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4566)
BID-20042 (http://www.securityfocus.com/bid/20042)
Advisory
SECTRACK-1016847 (http://securitytracker.com/id?1016847)
SECUNIA-22391 (http://secunia.com/advisories/22391)
ADV-2006-3748 (http://www.vupen.com/english/advisories/2006/3748)
http://www.redhat.com/support/errata/RHSA-2006-0676.html
VU#141528 (http://www.kb.cert.org/vuls/id/141528)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9637
SECUNIA-22055 (http://secunia.com/advisories/22055)
SECUNIA-22195 (http://secunia.com/advisories/22195)
http://www.mozilla.org/security/announce/2006/mfsa2006-57.html
USN-352-1 (http://www.ubuntu.com/usn/usn-352-1)
SECUNIA-21950 (http://secunia.com/advisories/21950)
USN-351-1 (http://www.ubuntu.com/usn/usn-351-1)
SECUNIA-22025 (http://secunia.com/advisories/22025)
SECUNIA-22056 (http://secunia.com/advisories/22056)
SECUNIA-22247 (http://secunia.com/advisories/22247)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:168
DSA-1191 (http://www.us.debian.org/security/2006/dsa-1191)
SECUNIA-22210 (http://secunia.com/advisories/22210)
DSA-1210 (http://www.debian.org/security/2006/dsa-1210)
SECUNIA-24711 (http://secunia.com/advisories/24711)
GLSA-200610-04 (http://security.gentoo.org/glsa/glsa-200610-04.xml)
http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm
SECUNIA-22849 (http://secunia.com/advisories/22849)
ADV-2008-0083 (http://www.vupen.com/english/advisories/2008/0083)
SECUNIA-21939 (http://secunia.com/advisories/21939)
SECTRACK-1016848 (http://securitytracker.com/id?1016848)
ADV-2006-3617 (http://www.vupen.com/english/advisories/2006/3617)
SECUNIA-21915 (http://secunia.com/advisories/21915)
ADV-2007-1198 (http://www.vupen.com/english/advisories/2007/1198)
http://www.redhat.com/support/errata/RHSA-2006-0677.html
DSA-1192 (http://www.debian.org/security/2006/dsa-1192)
GLSA-200609-19 (http://security.gentoo.org/glsa/glsa-200609-19.xml)
SSRT061181 (http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742)
SECUNIA-22274 (http://secunia.com/advisories/22274)
http://www.redhat.com/support/errata/RHSA-2006-0675.html
SECUNIA-21940 (http://secunia.com/advisories/21940)
SECUNIA-22001 (http://secunia.com/advisories/22001)
20060915 rPSA-2006-0169-1 firefox thunderbird (http://www.securityfocus.com/archive/1/446140/100/0/threaded)
USN-350-1 (http://www.ubuntu.com/usn/usn-350-1)
SECUNIA-21906 (http://secunia.com/advisories/21906)
GLSA-200610-01 (http://security.gentoo.org/glsa/glsa-200610-01.xml)
SECUNIA-22074 (http://secunia.com/advisories/22074)
SECUNIA-22066 (http://secunia.com/advisories/22066)
SECUNIA-22088 (http://secunia.com/advisories/22088)
SECUNIA-21949 (http://secunia.com/advisories/21949)
http://www.novell.com/linux/security/advisories/2006_54_mozilla.html
https://issues.rpath.com/browse/RPL-640
SECUNIA-22036 (http://secunia.com/advisories/22036)
SECTRACK-1016846 (http://securitytracker.com/id?1016846)
USN-354-1 (http://www.ubuntu.com/usn/usn-354-1)
SECUNIA-22422 (http://secunia.com/advisories/22422)
XF-mozilla-backslash-dos(28958) (https://exchange.xforce.ibmcloud.com/vulnerabilities/28958)
SECUNIA-22299 (http://secunia.com/advisories/22299)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:169
SECUNIA-21916 (http://secunia.com/advisories/21916)

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis