Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

FreeBSD Ports: firefox

Information

Severity

Severity

Medium

Family

Family

FreeBSD Local Security Checks

CVSSv2 Base

CVSSv2 Base

5.1

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

14 years ago

Modified

Modified

6 years ago

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Insight

Insight

The following packages are affected: firefox linux-firefox CVE-2006-1993 Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain Javascript that is not properly handled by the contentWindow.focus method in an iframe, which causes a reference to a deleted controller context object. NOTE: this was originally claimed to be a buffer overflow in (1) js320.dll and (2) xpcom_core.dll, but the vendor disputes this claim.

Solution

Solution

Update your system with the appropriate patches or software upgrades.

Common Vulnerabilities and Exposures (CVE)