Home

CVE-2006-4565

Description

Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a JavaScript regular expression with a minimal quantifier.

Risk Information

Base Score
9.6
MODERATE
Vector
AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS Score
Exploitation Probability
10.073

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities affected in Mozilla Firefox (x64) 1.5.0.6Windows
Multiple vulnerabilities affected in Mozilla Thunderbird 1.5.0.6Windows
Multiple vulnerabilities affected in Mozilla_Firefox 1.5.0.6Windows
Multiple vulnerabilities affected in SeaMonkey 1.0.4Windows
Multiple Vulnerabilities are affected in Mozilla Thunderbird 1.5.0.5Windows
Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 1.5.0.6Windows
Multiple Vulnerabilities are affected in Mozilla_Firefox 1.5.0.6Windows
Multiple vulnerabilities are fixed in Mozilla Firefox For Mac 1.5.0.7Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-343016Mozilla Firefox (x64) (132.0.2)
PATCH-315938Mozilla Thunderbird (68.12.0)
PATCH-343015Mozilla Firefox (132.0.2)
PATCH-341197SeaMonkey (2.53.19)
PATCH-613630Mozilla Firefox For Mac (147.0.4)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234