Vulnerability Description
A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption.
CVSS Score
10.0
HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mozilla | Firefox | 1.0.7 |
Related Weaknesses (CWE)
References
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
- ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
- http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
- http://secunia.com/advisories/19631Vendor Advisory
- http://secunia.com/advisories/19714
- http://secunia.com/advisories/19721
- http://secunia.com/advisories/19729
- http://secunia.com/advisories/19746
- http://secunia.com/advisories/19759Vendor Advisory
- http://secunia.com/advisories/19780
- http://secunia.com/advisories/19794Vendor Advisory
- http://secunia.com/advisories/19811Vendor Advisory
- http://secunia.com/advisories/19852Vendor Advisory
- http://secunia.com/advisories/19862Vendor Advisory
- http://secunia.com/advisories/19863
FAQ
What is CVE-2006-1790?
CVE-2006-1790 is a vulnerability with a CVSS score of 10.0 (HIGH). A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory ...
How severe is CVE-2006-1790?
CVE-2006-1790 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-1790?
Check the references section above for vendor advisories and patch information. Affected products include: Mozilla Firefox.