CVE-2006-1993
CVE-2006-1993
Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain Javascript that is not properly handled by the contentWindow.focus method in an iframe, which causes a reference to a deleted controller context object. NOTE: this was originally claimed to be a buffer overflow in (1) js320.dll and (2) xpcom_core.dll, but the vendor disputes this claim.
Productos afectados
n/a · n/aPoCs públicas encontradas — 1
exploitdbwww.exploit-db.com/exploits/1716no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://secunia.com/advisories/19802http://secunia.com/advisories/20015http://secunia.com/advisories/20019http://secunia.com/advisories/20070http://secunia.com/advisories/20214http://secunia.com/advisories/22066http://securityreason.com/securityalert/780http://securitytracker.com/id?1015981https://exchange.xforce.ibmcloud.com/vulnerabilities/25994https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1790http://www.debian.org/security/2006/dsa-1053http://www.debian.org/security/2006/dsa-1055