N/A Publié le 2006-06-02

CVE-2006-2779

EN Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented tree views," (4) BoxObjects, (5) the XBL implementation, (6) an iframe that attempts to remove itself, which leads to memory corruption.

Apps suivies affectées

Thunderbird

winget:Mozilla.Thunderbird

1 ouverte

Configurations CPE vulnérables

Vendor	Produit	Plateforme	Versions	CPE 2.3 URI
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:0.6:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:0.7:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:0.7.1:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:0.7.2:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:0.7.3:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:0.8:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:0.9:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.0:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.0.1:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.0.2:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.0.5:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.0.6:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.0.7:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.0.8:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.5:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.5:beta2::::::
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.5.1:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.5.2:::::::*

Voir sur NVD ↗