Vulnerability Description
IE Tab 1.0.9 plugin for Mozilla Firefox 1.5.0.3 allows remote user-assisted attackers to cause a denial of service (application crash), possibly due to a null dereference, via certain Javascript, as demonstrated using a url parameter to the content/reloaded.html page in a chrome:// URI. Some third-party researchers claim that they are unable to reproduce this vulnerability.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ie Tab | Ie Tab | 1.0.9 |
| Mozilla | Firefox | 1.5.0.3 |
References
- http://www.securityfocus.com/archive/1/434280/100/0/threaded
- http://www.securityfocus.com/archive/1/434519/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26540
- http://www.securityfocus.com/archive/1/434280/100/0/threaded
- http://www.securityfocus.com/archive/1/434519/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26540
FAQ
What is CVE-2006-2538?
CVE-2006-2538 is a vulnerability with a CVSS score of 2.6 (LOW). IE Tab 1.0.9 plugin for Mozilla Firefox 1.5.0.3 allows remote user-assisted attackers to cause a denial of service (application crash), possibly due to a null dereference, via certain Javascript, as d...
How severe is CVE-2006-2538?
CVE-2006-2538 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-2538?
Check the references section above for vendor advisories and patch information. Affected products include: Ie Tab Ie Tab, Mozilla Firefox.