CVE-2006-6499 Affecting firefox package, versions <45.0-1
Snyk CVSS
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DEBIANUNSTABLE-FIREFOX-425633
- published 20 Dec 2006
- disclosed 20 Dec 2006
Introduced: 20 Dec 2006
CVE-2006-6499 Open this link in a new tabHow to fix?
Upgrade Debian:unstable
firefox
to version 45.0-1 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream firefox
package and not the firefox
package as distributed by Debian
.
See How to fix?
for Debian:unstable
relevant fixed versions and status.
The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision.
References
- ADVISORY
- CERT
- Cert Vulnerability Note
- Debian Security Advisory
- Debian Security Advisory
- Debian Security Advisory
- Gentoo Security Advisory
- Gentoo Security Advisory
- HP
- Mozilla Security Announcement
- SECTRACK
- SECTRACK
- SECTRACK
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Secunia Advisory
- Security Focus
- SUSE
- SUSE
- Ubuntu Security Advisory
- Ubuntu Security Advisory
- Ubuntu Security Advisory
- VUPEN
- VUPEN
- VUPEN
- secalert@redhat.com