QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2006-1993

Back to search

CVE-2006-1993

Published: Apr 25, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain Javascript that is not properly handled by the contentWindow.focus method in an iframe, which causes a reference to a deleted controller context object. NOTE: this was originally claimed to be a buffer overflow in (1) js320.dll and (2) xpcom_core.dll, but the vendor disputes this claim.

VendorProductVersions

n/a

n/a

affected
n/a

References

20214
third-party-advisory
x_refsource_SECUNIA
19802
third-party-advisory
x_refsource_SECUNIA
ADV-2006-3748
vdb-entry
x_refsource_VUPEN
oval:org.mitre.oval:def:1790
vdb-entry
signature
x_refsource_OVAL
SSRT061145
vendor-advisory
x_refsource_HP
20019
third-party-advisory
x_refsource_SECUNIA
17671
vdb-entry
x_refsource_BID
GLSA-200605-06
vendor-advisory
x_refsource_GENTOO
ADV-2006-1922
vdb-entry
x_refsource_VUPEN
HPSBTU02118
vendor-advisory
x_refsource_HP
DSA-1055
vendor-advisory
x_refsource_DEBIAN
VU#866300
third-party-advisory
x_refsource_CERT-VN
20015
third-party-advisory
x_refsource_SECUNIA
1015981
vdb-entry
x_refsource_SECTRACK
ADV-2008-0083
vdb-entry
x_refsource_VUPEN
ADV-2006-1614
vdb-entry
x_refsource_VUPEN
SSRT061181
vendor-advisory
x_refsource_HP
HPSBUX02153
vendor-advisory
x_refsource_HP
22066
third-party-advisory
x_refsource_SECUNIA
20070
third-party-advisory
x_refsource_SECUNIA
DSA-1053
vendor-advisory
x_refsource_DEBIAN
780
third-party-advisory
x_refsource_SREASON

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now