FKIE_CVE-2006-0884

Vulnerability from fkie_nvd - Published: 2006-02-24 22:02 - Updated: 2025-04-03 01:03
Severity ?
Summary
The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail.
References
cve@mitre.orgftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
cve@mitre.orgftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
cve@mitre.orghttp://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
cve@mitre.orghttp://secunia.com/advisories/19721Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/19811Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/19821Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/19823Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/19863Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/19902Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/19941Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/19950Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/20051Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/21033Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/21622Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/22065Vendor Advisory
cve@mitre.orghttp://securitytracker.com/id?1015665Exploit
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
cve@mitre.orghttp://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
cve@mitre.orghttp://www.debian.org/security/2006/dsa-1046Patch
cve@mitre.orghttp://www.debian.org/security/2006/dsa-1051Patch
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:052
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:076
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:078
cve@mitre.orghttp://www.mozilla.org/security/announce/2006/mfsa2006-21.htmlVendor Advisory
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2006_04_25.html
cve@mitre.orghttp://www.osvdb.org/23653
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2006-0329.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2006-0330.html
cve@mitre.orghttp://www.securityfocus.com/archive/1/425786/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/436296/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/438730/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/446657/100/200/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/16770Exploit, Patch
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/3749Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/25983
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10782
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2024
cve@mitre.orghttps://usn.ubuntu.com/276-1/
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19721Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19811Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19821Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19823Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19863Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19902Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19941Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19950Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20051Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21033Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21622Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22065Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015665Exploit
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1046Patch
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1051Patch
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:052
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:078
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2006/mfsa2006-21.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2006_04_25.html
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/23653
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0329.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0330.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/425786/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/436296/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/438730/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/446657/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/16770Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/3749Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/25983
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10782
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2024
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/276-1/
Impacted products
Vendor Product Version
mozilla thunderbird *
mozilla thunderbird 0.1
mozilla thunderbird 0.2
mozilla thunderbird 0.3
mozilla thunderbird 0.4
mozilla thunderbird 0.5
mozilla thunderbird 0.6
mozilla thunderbird 0.7
mozilla thunderbird 0.7.1
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 0.8
mozilla thunderbird 0.9
mozilla thunderbird 1.0
mozilla thunderbird 1.0.1
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.5
mozilla thunderbird 1.0.6
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A18B07F4-E46B-4BA9-BFBF-16754CD71C31",
              "versionEndIncluding": "1.0.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0618BD26-0EF5-4774-9131-B5ABD4CD302A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D604DAE-DF63-413C-9F49-FFC8E84699F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "11DE6185-09F4-48E3-9742-F9D8030B5774",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2E70864-E077-4CD6-A0E8-BC2C4C298A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "61E565E5-286D-4A68-B085-5659DFE59A9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E2A68B4-9101-4AC5-9E82-EEB5A5405541",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA6C390-9BA7-4355-8C0A-CD68FF6AC236",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C75B125-E5BB-49A0-B12D-6CF40D8A5DB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "70DDB53E-7A12-4A08-8999-DB68E6DF901E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6514EDE8-7C78-4C72-A313-E0915D89E4EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5263F879-9B90-4582-B677-F133DEBE5259",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "C256B73C-9ABC-43D4-8C57-09161BC9F923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The WYSIWYG rendering engine (\"rich mail\" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail."
    }
  ],
  "id": "CVE-2006-0884",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2006-02-24T22:02:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19821"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19823"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19950"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20051"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22065"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://securitytracker.com/id?1015665"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:052"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-21.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/23653"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/425786/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16770"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3749"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25983"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10782"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2024"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/276-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19821"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19823"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19863"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19902"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://securitytracker.com/id?1015665"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:052"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-21.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/23653"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/425786/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16770"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3749"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25983"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10782"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2024"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/276-1/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.