{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-12-19T00:00:00", "descriptions": [{"lang": "en", "value": "The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2006-12-22T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "21668", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/21668"}, {"name": "23672", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23672"}, {"name": "ADV-2006-5068", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/5068"}, {"name": "1017398", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017398"}, {"name": "DSA-1265", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2007/dsa-1265"}, {"name": "24078", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24078"}, {"name": "23692", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23692"}, {"name": "USN-398-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-398-2"}, {"name": "GLSA-200701-04", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml"}, {"name": "23282", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23282"}, {"name": "24390", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24390"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-68.html"}, {"name": "23422", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23422"}, {"name": "HPSBUX02153", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"}, {"name": "23591", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23591"}, {"name": "ADV-2007-1124", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1124"}, {"name": "1017405", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017405"}, {"name": "23614", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23614"}, {"name": "1017406", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017406"}, {"name": "USN-398-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-398-1"}, {"name": "ADV-2008-0083", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0083"}, {"name": "23420", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23420"}, {"name": "SUSE-SA:2006:080", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2006_80_mozilla.html"}, {"name": "VU#427972", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/427972"}, {"name": "23545", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23545"}, {"name": "102846", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102846-1"}, {"name": "TA06-354A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA06-354A.html"}, {"name": "23589", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23589"}, {"name": "DSA-1253", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2007/dsa-1253"}, {"name": "DSA-1258", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2007/dsa-1258"}, {"name": "SSRT061181", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"}, {"name": "SUSE-SA:2007:006", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2007_06_mozilla.html"}, {"name": "23988", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23988"}, {"name": "GLSA-200701-02", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200701-02.xml"}, {"name": "USN-400-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-400-1"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2006-6499", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "21668", "refsource": "BID", "url": "http://www.securityfocus.com/bid/21668"}, {"name": "23672", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23672"}, {"name": "ADV-2006-5068", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/5068"}, {"name": "1017398", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017398"}, {"name": "DSA-1265", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2007/dsa-1265"}, {"name": "24078", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24078"}, {"name": "23692", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23692"}, {"name": "USN-398-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-398-2"}, {"name": "GLSA-200701-04", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml"}, {"name": "23282", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23282"}, {"name": "24390", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24390"}, {"name": "http://www.mozilla.org/security/announce/2006/mfsa2006-68.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-68.html"}, {"name": "23422", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23422"}, {"name": "HPSBUX02153", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"}, {"name": "23591", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23591"}, {"name": "ADV-2007-1124", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1124"}, {"name": "1017405", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017405"}, {"name": "23614", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23614"}, {"name": "1017406", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017406"}, {"name": "USN-398-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-398-1"}, {"name": "ADV-2008-0083", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0083"}, {"name": "23420", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23420"}, {"name": "SUSE-SA:2006:080", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_80_mozilla.html"}, {"name": "VU#427972", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/427972"}, {"name": "23545", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23545"}, {"name": "102846", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102846-1"}, {"name": "TA06-354A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA06-354A.html"}, {"name": "23589", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23589"}, {"name": "DSA-1253", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2007/dsa-1253"}, {"name": "DSA-1258", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2007/dsa-1258"}, {"name": "SSRT061181", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"}, {"name": "SUSE-SA:2007:006", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2007_06_mozilla.html"}, {"name": "23988", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23988"}, {"name": "GLSA-200701-02", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200701-02.xml"}, {"name": "USN-400-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-400-1"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-6499", "datePublished": "2006-12-20T01:00:00", "dateReserved": "2006-12-13T00:00:00", "dateUpdated": "2006-12-22T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "A3FAAB80-9C12-47E9-BE5A-7763004F7A7D", "versionEndExcluding": "1.5.0.9", "versionStartIncluding": "1.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "C911462E-7F1B-4C32-82FB-40816E7B4592", "versionEndExcluding": "2.0.0.1", "versionStartIncluding": "2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD3C5C83-4F57-4D3A-A872-4F5BE7CD634B", "versionEndExcluding": "1.0.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "07C3E97B-591F-4A68-B901-441FA3540400", "versionEndExcluding": "1.5.0.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*", "matchCriteriaId": "0FA3A32E-445A-4D39-A8D5-75F5370AD23D", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*", "matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision."}, {"lang": "es", "value": "La funci\u00f3n js_dtoa en Mozilla Firefox 2.x anterior a 2.0.0.1, 1.5.x anterior a 1.5.0.9, Thunderbird anterior a 1.5.0.9, y SeaMonkey anterior a 1.0.7 sobrescribe memoria en lugar de salir cuando la precisi\u00f3n de coma flotante es reducida, lo cual permite a atacantes remotos provocar una denegaci\u00f3n de servicio mediante cualquier plugin que reduzca dicha precisi\u00f3n."}], "id": "CVE-2006-6499", "lastModified": "2023-12-22T18:49:53.110", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2006-12-20T01:28:00.000", "references": [{"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/23282"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/23420"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/23422"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/23545"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/23589"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/23591"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/23614"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/23672"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/23692"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/23988"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/24078"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/24390"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://security.gentoo.org/glsa/glsa-200701-02.xml"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://securitytracker.com/id?1017398"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://securitytracker.com/id?1017405"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://securitytracker.com/id?1017406"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102846-1"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2007/dsa-1253"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2007/dsa-1258"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2007/dsa-1265"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/427972"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-68.html"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.novell.com/linux/security/advisories/2006_80_mozilla.html"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.novell.com/linux/security/advisories/2007_06_mozilla.html"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/21668"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/usn-398-1"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/usn-398-2"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/usn-400-1"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA06-354A.html"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2006/5068"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/1124"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/0083"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-835"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}