CVE-2006-6498

Description

Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, SeaMonkey before 1.0.7, and Mozilla 1.7 and probably earlier on Solaris, allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown impact and attack vectors.

6.8

CVSS

Severity: Medium

CVSS 2.0 •

EPSS 13.04% Top 10%

Vendor Advisory redhat.com Vendor Advisory debian.org Vendor Advisory ubuntu.com Vendor Advisory gentoo.org Vendor Advisory fedoranews.org Vendor Advisory hp.com Vendor Advisory redhat.com Vendor Advisory ubuntu.com Vendor Advisory fedoranews.org Vendor Advisory sgi.com Vendor Advisory novell.com Vendor Advisory debian.org Vendor Advisory debian.org Vendor Advisory novell.com Vendor Advisory sun.com Vendor Advisory gentoo.org Vendor Advisory redhat.com Vendor Advisory ubuntu.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com

Affected: n/a n/a

References

Link	Tags
http://www.securityfocus.com/bid/21668	vdb entry
http://secunia.com/advisories/23433	third party advisory vendor advisory
http://secunia.com/advisories/23439	third party advisory vendor advisory
http://secunia.com/advisories/23672	third party advisory vendor advisory
http://www.vupen.com/english/advisories/2006/5068	vdb entry
http://secunia.com/advisories/23468	third party advisory vendor advisory
http://rhn.redhat.com/errata/RHSA-2006-0758.html	vendor advisory
http://securitytracker.com/id?1017398	vdb entry
http://www.debian.org/security/2007/dsa-1265	vendor advisory
http://secunia.com/advisories/24078	third party advisory vendor advisory
http://secunia.com/advisories/23692	third party advisory vendor advisory
http://www.ubuntu.com/usn/usn-398-2	vendor advisory
http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml	vendor advisory
http://secunia.com/advisories/23282	third party advisory vendor advisory
http://secunia.com/advisories/24390	third party advisory vendor advisory
http://www.mozilla.org/security/announce/2006/mfsa2006-68.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10661	vdb entry signature
http://fedoranews.org/cms/node/2297	vendor advisory
http://secunia.com/advisories/23422	third party advisory vendor advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742	vendor advisory
http://secunia.com/advisories/23591	third party advisory vendor advisory
http://securitytracker.com/id?1017405	vdb entry
http://secunia.com/advisories/23614	third party advisory vendor advisory
http://securitytracker.com/id?1017406	vdb entry
http://rhn.redhat.com/errata/RHSA-2006-0759.html	vendor advisory
http://www.ubuntu.com/usn/usn-398-1	vendor advisory
http://www.vupen.com/english/advisories/2008/0083	vdb entry
http://fedoranews.org/cms/node/2338	vendor advisory
http://secunia.com/advisories/23420	third party advisory vendor advisory
ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc	vendor advisory
http://secunia.com/advisories/23440	third party advisory vendor advisory
http://www.novell.com/linux/security/advisories/2006_80_mozilla.html	vendor advisory
http://www.securityfocus.com/archive/1/455145/100/0/threaded	mailing list
http://www.kb.cert.org/vuls/id/427972	third party advisory us government resource
http://secunia.com/advisories/23545	third party advisory vendor advisory
http://secunia.com/advisories/23618	third party advisory vendor advisory
http://www.us-cert.gov/cas/techalerts/TA06-354A.html	third party advisory us government resource
http://www.kb.cert.org/vuls/id/447772	third party advisory us government resource
http://secunia.com/advisories/23589	third party advisory vendor advisory
http://www.debian.org/security/2007/dsa-1253	vendor advisory
http://www.debian.org/security/2007/dsa-1258	vendor advisory
https://issues.rpath.com/browse/RPL-883
http://www.securityfocus.com/archive/1/455728/100/200/threaded	mailing list
http://www.novell.com/linux/security/advisories/2007_06_mozilla.html	vendor advisory
http://secunia.com/advisories/23601	third party advisory vendor advisory
http://secunia.com/advisories/23988	third party advisory vendor advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102955-1	vendor advisory
http://secunia.com/advisories/23514	third party advisory vendor advisory
http://security.gentoo.org/glsa/glsa-200701-02.xml	vendor advisory
http://rhn.redhat.com/errata/RHSA-2006-0760.html	vendor advisory
http://www.vupen.com/english/advisories/2007/2106	vdb entry
http://www.ubuntu.com/usn/usn-400-1	vendor advisory
http://secunia.com/advisories/25556	third party advisory vendor advisory

Frequently Asked Questions

What is the severity of CVE-2006-6498?: CVE-2006-6498 has been scored as a medium severity vulnerability.
How to fix CVE-2006-6498?: To fix CVE-2006-6498, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2006-6498 being actively exploited in the wild?: It is possible that CVE-2006-6498 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~13% probability that this vulnerability will be exploited by malicious actors in the next 30 days.