CVE-2006-6505

Published: 20/12/2006 Updated: 17/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple heap-based buffer overflows in Mozilla Thunderbird prior to 1.5.0.9 and SeaMonkey prior to 1.0.7 allow remote malicious users to execute arbitrary code via (1) external message bodies with long Content-Type headers or (2) long RFC2047-encoded (MIME non-ASCII) headers.

Vulnerable Product

mozilla seamonkey

mozilla thunderbird

Vendor Advisories

Georgi Guninski and David Bienvenu discovered that long Content-Type and RFC2047-encoded headers were vulnerable to heap overflows. By tricking the user into opening a specially crafted email, an attacker could execute arbitrary code with user privileges (CVE-2006-6506) ...
Several security related problems have been discovered in Mozilla and derived products. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2006-6497 Several vulnerabilities in the layout engine allow remote attackers to cause a denial of service and possibly permit them to execute arbitrary c ...
Mozilla Foundation Security Advisory 2006-74: Mail header processing heap overflows. Announced: December 19, 2006. Reporter: Georgi Guninski, David Bienvenu. Impact: Critical. Products: SeaMonkey, Thunderbird. Fixed in ...

References

NVD-CWE-Other
http://www.mozilla.org/security/announce/2006/mfsa2006-74.html
http://rhn.redhat.com/errata/RHSA-2006-0759.html
http://rhn.redhat.com/errata/RHSA-2006-0760.html
http://securitytracker.com/id?1017419
http://securitytracker.com/id?1017420
http://secunia.com/advisories/23433
http://secunia.com/advisories/23439
https://issues.rpath.com/browse/RPL-883
http://www.us-cert.gov/cas/techalerts/TA06-354A.html
http://www.kb.cert.org/vuls/id/887332
http://www.securityfocus.com/bid/21668
http://secunia.com/advisories/23420
http://secunia.com/advisories/23422
http://secunia.com/advisories/23468
ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc
http://secunia.com/advisories/23514
http://www.novell.com/linux/security/advisories/2006_80_mozilla.html
http://fedoranews.org/cms/node/2297
http://fedoranews.org/cms/node/2338
http://www.gentoo.org/security/en/glsa/glsa-200701-03.xml
http://www.ubuntu.com/usn/usn-400-1
http://secunia.com/advisories/23601
http://secunia.com/advisories/23545
http://secunia.com/advisories/23591
http://secunia.com/advisories/23598
http://secunia.com/advisories/23618
http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml
http://secunia.com/advisories/23692
http://www.novell.com/linux/security/advisories/2007_06_mozilla.html
http://secunia.com/advisories/23672
http://www.debian.org/security/2007/dsa-1265
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102800-1
http://secunia.com/advisories/24108
http://secunia.com/advisories/24390
http://www.mandriva.com/security/advisories?name=MDKSA-2007:011
http://www.vupen.com/english/advisories/2008/0083
http://www.vupen.com/english/advisories/2007/0573
http://www.vupen.com/english/advisories/2006/5068
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11565
http://www.securityfocus.com/archive/1/455728/100/200/threaded
http://www.securityfocus.com/archive/1/455145/100/0/threaded
https://usn.ubuntu.com/400-1/
https://nvd.nist.gov
https://www.kb.cert.org/vuls/id/887332