CVE-2006-1531 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2006-1531?

CVE-2006-1531 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2006-1531?

Check the references section above for vendor advisories and patch information. Affected products include: Mozilla Firefox, Mozilla Seamonkey, Mozilla Thunderbird, Debian Debian Linux.

Vulnerability Description

Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, and CVE-2006-1723 are different.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Mozilla	Firefox	< 1.5.0.2
Mozilla	Seamonkey	< 1.0.1
Mozilla	Thunderbird	< 1.5.0.2
Debian	Debian Linux	3.1

References

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txtThird Party Advisory
http://secunia.com/advisories/19631Third Party Advisory
http://secunia.com/advisories/19649Third Party Advisory
http://secunia.com/advisories/19863Third Party Advisory
http://secunia.com/advisories/19941Third Party Advisory
http://secunia.com/advisories/21033Third Party Advisory
http://secunia.com/advisories/22065Third Party Advisory
http://secunia.com/advisories/22066Third Party Advisory
http://securitytracker.com/id?1015919Third Party AdvisoryVDB Entry
http://securitytracker.com/id?1015920Third Party AdvisoryVDB Entry
http://securitytracker.com/id?1015921Third Party AdvisoryVDB Entry
http://www.debian.org/security/2006/dsa-1046Third Party Advisory
http://www.debian.org/security/2006/dsa-1051Third Party Advisory
http://www.kb.cert.org/vuls/id/350262Third Party AdvisoryUS Government Resource
http://www.mozilla.org/security/announce/2006/mfsa2006-20.htmlPatchVendor Advisory

FAQ

What is CVE-2006-1531?

CVE-2006-1531 is a vulnerability with a CVSS score of 7.5 (HIGH). Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via un...

How severe is CVE-2006-1531?

CVE-2006-1531 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-1531?

Check the references section above for vendor advisories and patch information. Affected products include: Mozilla Firefox, Mozilla Seamonkey, Mozilla Thunderbird, Debian Debian Linux.