Home > Vulnerability Database > CVE-2006-0294

Mend.io Vulnerability Database

CVE-2006-0294

Date: February 2, 2006

Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 allow remote attackers to execute arbitrary code by changing an element's style from position:relative to position:static, which causes Gecko to operate on freed memory.

Severity Score

7.3

Related Resources (15)

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=317934

Url: http://www.securityfocus.com/archive/1/446657/100/200/threaded

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1514

Url: http://secunia.com/advisories/18704

Url: http://www.securityfocus.com/bid/16476

Url: http://secunia.com/advisories/18700

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-0294

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2006-0294

Url: http://www.mozilla.org/security/announce/2006/mfsa2006-02.html

Url: http://securitytracker.com/id?1015570

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/24431

Url: http://www.vupen.com/english/advisories/2006/3749

Url: http://secunia.com/advisories/22065

Url: http://www.vupen.com/english/advisories/2006/0413

Url: https://www.mend.io/vulnerability-database/CVE-2006-0294

Severity Score

7.3

CVSS v3.1

Base Score:	7.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	7.5
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2006-0294

Date: February 2, 2006

Severity Score

Related Resources (15)

Severity Score

CVSS v3.1

CVSS v2

Do you need more information?