Published: 02/02/2006 Updated: 19/10/2018

CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9

VMScore: 550

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey prior to 1.0 might allow remote malicious users to execute arbitrary code via the (1) EscapeAttributeValue in jsxml.c for E4X, (2) nsSVGCairoSurface::Init in SVG, and (3) nsCanvasRenderingContext2D.cpp in Canvas.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox 1.5
mozilla seamonkey 1.0
mozilla thunderbird 1.5

Mozilla Foundation Security Advisory 2006-06 Integer overflows in E4X, SVG, and Canvas Announced February 1, 2006 Reporter Georgi Guninski Impact Moderate Products Firefox, SeaMonkey, Thunderbird Fixed in ...

NVD-CWE-Other https://bugzilla.mozilla.org/show_bug.cgi?id=319872 https://bugzilla.mozilla.org/show_bug.cgi?id=322215 http://www.securityfocus.com/bid/16476 http://secunia.com/advisories/18700 http://secunia.com/advisories/18704 http://securitytracker.com/id?1015570 http://www.mozilla.org/security/announce/2006/mfsa2006-06.html http://secunia.com/advisories/22065 http://www.vupen.com/english/advisories/2006/3749 http://www.vupen.com/english/advisories/2006/0413 https://exchange.xforce.ibmcloud.com/vulnerabilities/24435 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1339 http://www.securityfocus.com/archive/1/446657/100/200/threaded https://nvd.nist.gov https://www.mozilla.org/en-US/security/advisories/mfsa2006-06/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-0297

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect