{"vuid":"VU#390480","idnumber":"390480","name":"Mozilla products vulnerable to memory corruption","keywords":["Mozilla","Firefox","Thunderbird","SeaMonkey","memory corruption","JavaScript engine","mozilla_1508"],"overview":"A vulnerability exists in the way Mozilla products process JavaScript. This vulnerability may allow an attacker to execute arbitrary code.","clean_desc":"The Mozilla Foundation supports several Open Source projects, including the Mozilla, Seamonkey, and Firefox web browsers. The Thunderbird email client is also a Mozilla product. An unspecified vulnerability exists in the way Mozilla products process JavaScript. For more information refer to Mozilla Foundation Security Advisory 2006-67. Note that other Mozilla-based applications may also be affected.","impact":"A remote, unauthenticated attacker may be able to execute arbitrary code.","resolution":"Upgrade\nSee Mozilla Foundation Security Advisory 2006-67 for information about affected clients.","workarounds":"Disable Javascript Disabling JavaScript may mitigate the impact of this vulnerability. See the Securing Your Web Browser document for more information.","sysaffected":"","thanks":"Thanks to the Mozilla Foundation for information about this vulnerability.","author":"This document was written by Ryan Giobbi.","public":["https://bugzilla.mozilla.org/show_bug.cgi?id=349527","https://bugzilla.mozilla.org/show_bug.cgi?id=351973","https://bugzilla.mozilla.org/show_bug.cgi?id=353165","https://bugzilla.mozilla.org/show_bug.cgi?id=354145","https://bugzilla.mozilla.org/show_bug.cgi?id=354151","https://bugzilla.mozilla.org/show_bug.cgi?id=350238","https://bugzilla.mozilla.org/show_bug.cgi?id=351116","https://bugzilla.mozilla.org/show_bug.cgi?id=352271","https://bugzilla.mozilla.org/show_bug.cgi?id=352606","https://bugzilla.mozilla.org/show_bug.cgi?id=354924","http://www.mozilla.org/security/announce/2006/mfsa2006-65.html","http://secunia.com/advisories/22929/","http://secunia.com/advisories/22980/","http://secunia.com/advisories/23013/","http://secunia.com/advisories/22763/","http://secunia.com/advisories/23009/","http://secunia.com/advisories/22815/","http://secunia.com/advisories/22727/"],"cveids":["CVE-2006-5748"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2006-11-08T13:52:44Z","publicdate":"2006-11-08T00:00:00Z","datefirstpublished":"2006-11-08T15:58:57Z","dateupdated":"2006-12-21T18:47:44Z","revision":28,"vrda_d1_directreport":"0","vrda_d1_population":"4","vrda_d1_impact":"2","cam_widelyknown":"7","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"18","cam_impact":"7","cam_easeofexploitation":"4","cam_attackeraccessrequired":"4","cam_scorecurrent":"0.4536","cam_scorecurrentwidelyknown":"0.945","cam_scorecurrentwidelyknownexploited":"1.701","ipprotocol":"tcp","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":0.4536,"vulnote":null}