VDB
CVE-2006-0292
CVE-2006-0292
PUBLISHED
CVSS 7.5 HIGH
The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack vectors related to garbage collection.
EPSS 7.11% · 91.7th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
7.11%
91.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| mozilla | firefox | 1.0.2, 1.0.6, 1.0.7 |
| n/a | n/a | * |
| mozilla | mozilla | 1.4.1, 1.5, 1.4 |
Timeline
- Feb 2, 2006 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- MDKSA-2006:036 vendor-advisory
- USN-275-1 vendor-advisory
- RHSA-2006:0330 vendor-advisory
- 19902 third-party-advisory
- mozilla-javascript-memory-corruption(24430) vdb
- MDKSA-2006:037 vendor-advisory
- USN-276-1 vendor-advisory
- HPSBUX02122 vendor-advisory
- 19941 third-party-advisory
- 19780 third-party-advisory
- https://bugzilla.mozilla.org/show_bug.cgi?id=316885 url
- 19821 third-party-advisory
- oval:org.mitre.oval:def:10016 vdb
- FEDORA-2006-075 vendor-advisory
- GLSA-200604-12 vendor-advisory
- 21622 third-party-advisory
- 19862 third-party-advisory
- 19230 third-party-advisory
- 18704 third-party-advisory
- http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm url
…and 44 more