cvelistv5 - cve-2006-4569

CVE-2006-4569 (GCVE-0-2006-4569)

Vulnerability from cvelistv5

Published

2006-09-15 19:00

Modified

2024-08-07 19:14

Severity ?

CWE

Summary

The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked popups" display in the context of the Location bar instead of the subframe from which the popup originated, which might make it easier for remote user-assisted attackers to conduct cross-site scripting (XSS) attacks.

References

URL

Tags

	http://www.vupen.com/english/advisories/2006/3748	vdb-entry, x_refsource_VUPEN
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10650	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/22195	third-party-advisory, x_refsource_SECUNIA
	http://www.mozilla.org/security/announce/2006/mfsa2006-62.html	x_refsource_CONFIRM
	http://securitytracker.com/id?1016849	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/21950	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/usn-351-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/22025	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/22056	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:168	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/22210	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/24711	third-party-advisory, x_refsource_SECUNIA
	http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2008/0083	vdb-entry, x_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/28957	vdb-entry, x_refsource_XF
	http://www.vupen.com/english/advisories/2007/1198	vdb-entry, x_refsource_VUPEN
	http://security.gentoo.org/glsa/glsa-200609-19.xml	vendor-advisory, x_refsource_GENTOO
	http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742	vendor-advisory, x_refsource_HP
	http://www.redhat.com/support/errata/RHSA-2006-0675.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/20042	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/22001	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/446140/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/22066	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/21949	third-party-advisory, x_refsource_SECUNIA
	http://www.novell.com/linux/security/advisories/2006_54_mozilla.html	vendor-advisory, x_refsource_SUSE
	https://issues.rpath.com/browse/RPL-640	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/usn-354-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/22422	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:14:47.558Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2006-3748",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3748"
          },
          {
            "name": "oval:org.mitre.oval:def:10650",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10650"
          },
          {
            "name": "22195",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22195"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-62.html"
          },
          {
            "name": "1016849",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016849"
          },
          {
            "name": "21950",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21950"
          },
          {
            "name": "USN-351-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-351-1"
          },
          {
            "name": "22025",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22025"
          },
          {
            "name": "22056",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22056"
          },
          {
            "name": "MDKSA-2006:168",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:168"
          },
          {
            "name": "22210",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22210"
          },
          {
            "name": "24711",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24711"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm"
          },
          {
            "name": "ADV-2008-0083",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0083"
          },
          {
            "name": "firefox-popup-blocker-xss(28957)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28957"
          },
          {
            "name": "ADV-2007-1198",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1198"
          },
          {
            "name": "GLSA-200609-19",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200609-19.xml"
          },
          {
            "name": "SSRT061181",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742"
          },
          {
            "name": "RHSA-2006:0675",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0675.html"
          },
          {
            "name": "20042",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/20042"
          },
          {
            "name": "22001",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22001"
          },
          {
            "name": "20060915 rPSA-2006-0169-1 firefox thunderbird",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/446140/100/0/threaded"
          },
          {
            "name": "HPSBUX02153",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742"
          },
          {
            "name": "22066",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22066"
          },
          {
            "name": "21949",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21949"
          },
          {
            "name": "SUSE-SA:2006:054",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006_54_mozilla.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-640"
          },
          {
            "name": "USN-354-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-354-1"
          },
          {
            "name": "22422",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22422"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-09-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The popup blocker in Mozilla Firefox before 1.5.0.7 opens the \"blocked popups\" display in the context of the Location bar instead of the subframe from which the popup originated, which might make it easier for remote user-assisted attackers to conduct cross-site scripting (XSS) attacks."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "ADV-2006-3748",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3748"
        },
        {
          "name": "oval:org.mitre.oval:def:10650",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10650"
        },
        {
          "name": "22195",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22195"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-62.html"
        },
        {
          "name": "1016849",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016849"
        },
        {
          "name": "21950",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21950"
        },
        {
          "name": "USN-351-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-351-1"
        },
        {
          "name": "22025",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22025"
        },
        {
          "name": "22056",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22056"
        },
        {
          "name": "MDKSA-2006:168",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:168"
        },
        {
          "name": "22210",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22210"
        },
        {
          "name": "24711",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24711"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm"
        },
        {
          "name": "ADV-2008-0083",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0083"
        },
        {
          "name": "firefox-popup-blocker-xss(28957)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28957"
        },
        {
          "name": "ADV-2007-1198",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1198"
        },
        {
          "name": "GLSA-200609-19",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200609-19.xml"
        },
        {
          "name": "SSRT061181",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742"
        },
        {
          "name": "RHSA-2006:0675",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0675.html"
        },
        {
          "name": "20042",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/20042"
        },
        {
          "name": "22001",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22001"
        },
        {
          "name": "20060915 rPSA-2006-0169-1 firefox thunderbird",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/446140/100/0/threaded"
        },
        {
          "name": "HPSBUX02153",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742"
        },
        {
          "name": "22066",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22066"
        },
        {
          "name": "21949",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21949"
        },
        {
          "name": "SUSE-SA:2006:054",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006_54_mozilla.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-640"
        },
        {
          "name": "USN-354-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-354-1"
        },
        {
          "name": "22422",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22422"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2006-4569",
    "datePublished": "2006-09-15T19:00:00.000Z",
    "dateReserved": "2006-09-06T00:00:00.000Z",
    "dateUpdated": "2024-08-07T19:14:47.558Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2006-AVI-391

Vulnerability from certfr_avis

Plusieurs vulnérabilités ont été identifies dans les produits Mozilla Firefox, Thunderbird et SeaMonkey. L'exploitation de ceux-ci contre un système vulnérable peuvent conduire à une exécution de code arbitraire à distance.

Description

Plusieurs vulnérabilités ont été identifiées dans les produits Mozilla Firefox, Thunderbird et SeaMonkey. Parmi celles-ci :

la manipulation de certains codes Javascript par le navigateur Firefox pourrait provoquer un débordement de la mémoire, et ainsi permettre l'exécution de commandes arbitraires. L'utilisateur doit visiter une page construite de manière malveillante pour être impacté. Cependant, la messagerie Thunderbird utilise en grande partie le noyau du navigateur Firefox pour l'affichage de messages en format HTML, quand cela est autorisé. L'utilisateur pourrait donc avoir son système compromis suite à la lecture d'un courrier électronique. Cette option n'est pas activée par défaut.
la désactivation de Javascript dans la messagerie Thunderbird ne serait pas correctement effectuée, et pourrait être contournée afin de permettre l'exécution de code Javascript à l'insu de l'utilisateur.
une mauvaise vérification des signatures RSA PKCS #1 v1.5 utilisant un exposant de valeur 3. Cette vulnérabilité est à mettre en relation avec l'avis du CERTA CERTA-200-AVI-384 concernant OpenSSL.
la procédure de mise à jour de Firefox et Thunderbird, basée sur SSL ne s'effecturait pas correctement. Il serait possible, en usurpant les réponses DNS adressées à la victime, de rediriger ses requêtes de mises à jour vers un site malveillant. Le certificat ne serait alors pas convenablement vérifié.

Solution

Se référer au bulletin de sécurité de Mozilla pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Mozilla	N/A	Mozilla SeaMonkey 1.0.4 ainsi que les versions antérieures.
Mozilla	Thunderbird	Mozilla Thunderbird 1.5.0.5 ainsi que les versions antérieures ;
Mozilla	Firefox	Mozilla Firefox 1.5.0.6 ainsi que les versions antérieures ;

References

Title

Publication Time

Tags

Mises à jour Mozilla du 14 septembre 2006	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-352 du 25 septembre 2006 :	-	other
Bulletin de sécurité Mozilla MFSA-2006-60 :	-	other
Bulletin de sécurité Red Hat RHSA-2006:0675 du 15 septembre 2006 :	-	other
Bulletin de sécurité Mozilla MFSA-2006-64 :	-	other
Bulletin de sécurité Mozilla MFSA-2006-63 :	-	other
Bulletin de sécurité Red Hat RHSA-2006:0677 du 15 septembre 2006 :	-	other
Bulletin de sécurité Mozilla MFSA-2006-59 :	-	other
Bulletin de sécurité Mozilla MFSA-2006-57 :	-	other
Bulletin de sécurité Ubuntu USN-351 du 22 septembre 2006 :	-	other
Bulletin de sécurité SuSE SUSE-SA:2006:054 du 22 septembre 2006 :	-	other
Bulletin de sécurité Mandriva MDKSA-2006:168 du 20 septembre 2006 :	-	other
Bulletin de sécurité Mozilla MFSA-2006-62 :	-	other
Bulletin de sécurité SGI 20060901-01-P du 19 septembre 2006 :	-	other
Bulletin de sécurité Mozilla MFSA-2006-58 :	-	other
Bulletin de sécurité Ubuntu USN-350 du 21 septembre 2006 :	-	other
Bulletin de sécurité Red Hat RHSA-2006:0676 du 15 septembre 2006 :	-	other
Bulletin de sécurité Mozilla MFSA-2006-61 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mozilla SeaMonkey 1.0.4 ainsi que les versions ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    },
    {
      "description": "Mozilla Thunderbird 1.5.0.5 ainsi que les versions ant\u00e9rieures ;",
      "product": {
        "name": "Thunderbird",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    },
    {
      "description": "Mozilla Firefox 1.5.0.6 ainsi que les versions ant\u00e9rieures ;",
      "product": {
        "name": "Firefox",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans les produits Mozilla\nFirefox, Thunderbird et SeaMonkey. Parmi celles-ci :\n\n-   la manipulation de certains codes Javascript par le navigateur\n    Firefox pourrait provoquer un d\u00e9bordement de la m\u00e9moire, et ainsi\n    permettre l\u0027ex\u00e9cution de commandes arbitraires. L\u0027utilisateur doit\n    visiter une page construite de mani\u00e8re malveillante pour \u00eatre\n    impact\u00e9. Cependant, la messagerie Thunderbird utilise en grande\n    partie le noyau du navigateur Firefox pour l\u0027affichage de messages\n    en format HTML, quand cela est autoris\u00e9. L\u0027utilisateur pourrait donc\n    avoir son syst\u00e8me compromis suite \u00e0 la lecture d\u0027un courrier\n    \u00e9lectronique. Cette option n\u0027est pas activ\u00e9e par d\u00e9faut.\n-   la d\u00e9sactivation de Javascript dans la messagerie Thunderbird ne\n    serait pas correctement effectu\u00e9e, et pourrait \u00eatre contourn\u00e9e afin\n    de permettre l\u0027ex\u00e9cution de code Javascript \u00e0 l\u0027insu de\n    l\u0027utilisateur.\n-   une mauvaise v\u00e9rification des signatures RSA PKCS \\#1 v1.5 utilisant\n    un exposant de valeur 3. Cette vuln\u00e9rabilit\u00e9 est \u00e0 mettre en\n    relation avec l\u0027avis du CERTA CERTA-200-AVI-384 concernant OpenSSL.\n-   la proc\u00e9dure de mise \u00e0 jour de Firefox et Thunderbird, bas\u00e9e sur SSL\n    ne s\u0027effecturait pas correctement. Il serait possible, en usurpant\n    les r\u00e9ponses DNS adress\u00e9es \u00e0 la victime, de rediriger ses requ\u00eates\n    de mises \u00e0 jour vers un site malveillant. Le certificat ne serait\n    alors pas convenablement v\u00e9rifi\u00e9.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de Mozilla pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-4339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4339"
    },
    {
      "name": "CVE-2006-4566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4566"
    },
    {
      "name": "CVE-2006-4570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4570"
    },
    {
      "name": "CVE-2006-4253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4253"
    },
    {
      "name": "CVE-2006-4568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4568"
    },
    {
      "name": "CVE-2006-4565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4565"
    },
    {
      "name": "CVE-2006-4567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4567"
    },
    {
      "name": "CVE-2006-4340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4340"
    },
    {
      "name": "CVE-2006-4569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4569"
    },
    {
      "name": "CVE-2006-4571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4571"
    }
  ],
  "initial_release_date": "2006-09-15T00:00:00",
  "last_revision_date": "2006-09-28T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-352 du 25 septembre 2006 :",
      "url": "http://www.ubuntu.com/usn/usn-352-1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla MFSA-2006-60 :",
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2006:0675 du 15 septembre    2006 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0675.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla MFSA-2006-64 :",
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-64.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla MFSA-2006-63 :",
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-63.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2006:0677 du 15 septembre    2006 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0677.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla MFSA-2006-59 :",
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-59.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla MFSA-2006-57 :",
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-57.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-351 du 22 septembre 2006 :",
      "url": "http://www.ubuntu.com/usn/usn-351-1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SA:2006:054 du 22 septembre    2006 :",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Sep/0008.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:168 du 20    septembre 2006 :",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:168"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla MFSA-2006-62 :",
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-62.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SGI 20060901-01-P du 19 septembre 2006    :",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla MFSA-2006-58 :",
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-58.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-350 du 21 septembre 2006 :",
      "url": "http://www.ubuntu.com/usn/usn-350-1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2006:0676 du 15 septembre    2006 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0676.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla MFSA-2006-61 :",
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-61.html"
    }
  ],
  "reference": "CERTA-2006-AVI-391",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-09-15T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 SuSE, Ubuntu, Red Hat, Mandriva et SGI.",
      "revision_date": "2006-09-26T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Ubuntu, Red Hat.",
      "revision_date": "2006-09-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifies dans les produits Mozilla\nFirefox, Thunderbird et SeaMonkey. L\u0027exploitation de ceux-ci contre un\nsyst\u00e8me vuln\u00e9rable peuvent conduire \u00e0 une ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Mises \u00e0 jour Mozilla du 14 septembre 2006",
      "url": null
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2006-4569 (GCVE-0-2006-4569)

Vulnerability from cvelistv5

CERTA-2006-AVI-391

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature