CVE Vulnerabilities

CVE-2006-4566

Published: Sep 15, 2006 | Modified: Oct 17, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) via a malformed JavaScript regular expression that ends with a backslash in an unterminated character set ([), which leads to a buffer over-read.

Affected Software

Name Vendor Start Version End Version
Firefox Mozilla * 1.5.0.6 (including)
Seamonkey Mozilla * 1.0.4 (including)
Thunderbird Mozilla * 1.5.0.6 (including)
Red Hat Enterprise Linux 3 RedHat seamonkey-0:1.0.5-0.1.el3 *
Red Hat Enterprise Linux 4 RedHat firefox-0:1.5.0.7-0.1.el4 *
Red Hat Enterprise Linux 4 RedHat devhelp-0:0.10-0.4.el4 *
Red Hat Enterprise Linux 4 RedHat seamonkey-0:1.0.5-0.1.el4 *
Red Hat Enterprise Linux 4 RedHat thunderbird-0:1.5.0.7-0.1.el4 *
Firefox Ubuntu dapper *
Firefox-3.0 Ubuntu devel *
Firefox-3.0 Ubuntu gutsy *
Lightning-sunbird Ubuntu devel *
Lightning-sunbird Ubuntu gutsy *
Midbrowser Ubuntu devel *
Midbrowser Ubuntu gutsy *
Mozilla-thunderbird Ubuntu dapper *
Mozilla-thunderbird Ubuntu edgy *
Mozilla-thunderbird Ubuntu feisty *
Xulrunner Ubuntu devel *
Xulrunner Ubuntu edgy *
Xulrunner Ubuntu feisty *
Xulrunner Ubuntu gutsy *

References