CVE-2006-1742
First published: Fri Apr 14 2006(Updated: )
The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Firefox | =1.5-beta2 | |
| Mozilla Mozilla Suite | <=1.7.12 | |
| Mozilla Firefox | =1.0.2 | |
| Mozilla Firefox | =1.5-beta1 | |
| Mozilla Firefox | =1.5 | |
| Mozilla Mozilla Suite | =1.7.10 | |
| Mozilla Firefox | =1.0.4 | |
| Mozilla Mozilla Suite | =1.7.8 | |
| Mozilla Thunderbird | =1.0 | |
| Mozilla Thunderbird | =1.0.1 | |
| Mozilla Thunderbird | =1.5-beta2 | |
| Mozilla SeaMonkey | =1.0 | |
| Mozilla Thunderbird | =1.0.2 | |
| Mozilla Mozilla Suite | =1.7.11 | |
| Mozilla Firefox | =1.0 | |
| Mozilla Thunderbird | =1.5 | |
| Mozilla Firefox | =1.0.1 | |
| Mozilla Thunderbird | =1.0.4 | |
| Mozilla Thunderbird | =1.0.3 | |
| Mozilla Firefox | =1.0.3 | |
| Mozilla Thunderbird | =1.0.6 | |
| Mozilla Thunderbird | =1.0.5-beta | |
| Mozilla Mozilla Suite | =1.7.7 | |
| Mozilla Firefox | <=1.0.7 | |
| Mozilla Mozilla Suite | =1.7.6 | |
| Mozilla SeaMonkey | <=1.0 | |
| Mozilla Thunderbird | <=1.0.7 | |
| Mozilla Thunderbird | =1.0.5 | |
| Mozilla Firefox | =1.0.5 | |
| Mozilla Firefox | =1.0.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.mozilla.org/security/announce/2006/mfsa2006-10.html
- http://www.redhat.com/support/errata/RHSA-2006-0328.html
- http://www.kb.cert.org/vuls/id/492382
- http://secunia.com/advisories/19631
- http://www.debian.org/security/2006/dsa-1044
- http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
- http://secunia.com/advisories/19759
- http://secunia.com/advisories/19794
- http://www.debian.org/security/2006/dsa-1046
- http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
- http://secunia.com/advisories/19811
- http://secunia.com/advisories/19823
- http://secunia.com/advisories/19852
- http://secunia.com/advisories/19862
- http://secunia.com/advisories/19863
- http://secunia.com/advisories/19902
- http://www.debian.org/security/2006/dsa-1051
- http://secunia.com/advisories/19950
- http://secunia.com/advisories/19941
- http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
- http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
- http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
- http://secunia.com/advisories/19714
- http://secunia.com/advisories/19721
- http://secunia.com/advisories/19746
- http://www.redhat.com/support/errata/RHSA-2006-0329.html
- http://www.redhat.com/support/errata/RHSA-2006-0330.html
- http://secunia.com/advisories/21033
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
- http://secunia.com/advisories/21622
- http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
- http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
- http://secunia.com/advisories/19696
- http://secunia.com/advisories/19729
- http://secunia.com/advisories/19780
- http://secunia.com/advisories/20051
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:075
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
- http://www.vupen.com/english/advisories/2006/1356
- http://www.novell.com/linux/security/advisories/2006_04_25.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25807
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11808
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1087
- https://usn.ubuntu.com/276-1/
- https://usn.ubuntu.com/275-1/
- https://usn.ubuntu.com/271-1/
- http://www.securityfocus.com/archive/1/438730/100/0/threaded
- http://www.securityfocus.com/archive/1/436338/100/0/threaded
- http://www.securityfocus.com/archive/1/436296/100/0/threaded
- agent/references
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/author
- agent/severity
- agent/weakness
- agent/description
- agent/tags
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/mozilla
- canonical/mozilla firefox
- version/mozilla firefox/1.5-beta2
- canonical/mozilla mozilla suite
- version/mozilla mozilla suite/1.7.12
- version/mozilla firefox/1.0.2
- version/mozilla firefox/1.5-beta1
- version/mozilla firefox/1.5
- version/mozilla mozilla suite/1.7.10
- version/mozilla firefox/1.0.4
- version/mozilla mozilla suite/1.7.8
- canonical/mozilla thunderbird
- version/mozilla thunderbird/1.0
- version/mozilla thunderbird/1.0.1
- version/mozilla thunderbird/1.5-beta2
- canonical/mozilla seamonkey
- version/mozilla seamonkey/1.0
- version/mozilla thunderbird/1.0.2
- version/mozilla mozilla suite/1.7.11
- version/mozilla firefox/1.0
- version/mozilla thunderbird/1.5
- version/mozilla firefox/1.0.1
- version/mozilla thunderbird/1.0.4
- version/mozilla thunderbird/1.0.3
- version/mozilla firefox/1.0.3
- version/mozilla thunderbird/1.0.6
- version/mozilla thunderbird/1.0.5-beta
- version/mozilla mozilla suite/1.7.7
- version/mozilla firefox/1.0.7
- version/mozilla mozilla suite/1.7.6
- version/mozilla thunderbird/1.0.7
- version/mozilla thunderbird/1.0.5
- version/mozilla firefox/1.0.5
- version/mozilla firefox/1.0.6