Mozilla Firefox/SeaMonkey/Thunderbird 拒绝服务漏洞

漏洞信息详情

Mozilla Firefox/SeaMonkey/Thunderbird 拒绝服务漏洞

• CNNVD编号：CNNVD-200604-221
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2006-1723
  
• 漏洞类型：
  
  
  资料不足
  
• 发布时间：
  
  2006-04-14
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-04-15
  
• 厂        商：
  
  mozilla
• 漏洞来源：
  TippingPoint http:…

Mozilla Suite/Firefox/SeaMonkey/Thunderbird都是Mozilla发布的WEB浏览器和邮件新闻组客户端产品。

攻击者可能通过DHTML相关的攻击导致拒绝服务或执行任意代码。

目前厂商已经发布了升级补丁以修复这个安全问题，补丁下载链接：

Sun Solaris 10.0

Sun 119115-21

http://sunsolve.sun.com/

Sun Solaris 8

Sun 120671-03

http://sunsolve.sun.com/patches/

HP HP-UX B.11.23

HP Firefox v2.0.0.4

http://www.hp.com/products1/unix/java/firefox/downloads/license_firefo x_2-0-0-4.html

HP thunderbird_1.5.0.9_ia.depot.gz

For HP-UX B.11.23 and B.11.31 (IA)

http://www.hp.com/products1/unix/java/firefox/downloads/license_thunde rbird_1-5-0-8.html

HP thunderbird_1.5.0.9_pa.depot.gz

For HP-UX B.11.11, B.11.23, and B.11.31 (PA)

http://www.hp.com/products1/unix/java/firefox/downloads/license_thunde rbird_1-5-0-8.html

HP HP-UX B.11.11

HP Firefox v2.0.0.4

http://www.hp.com/products1/unix/java/firefox/downloads/license_firefo x_2-0-0-4.html

HP thunderbird_1.5.0.9_pa.depot.gz

For HP-UX B.11.11, B.11.23, and B.11.31 (PA)

http://www.hp.com/products1/unix/java/firefox/downloads/license_thunde rbird_1-5-0-8.html

Mozilla Thunderbird 0.8

Fedora Legacy thunderbird-1.0.8-1.1.fc3.4.legacy.i386.rpm

Fedora Core 3:

http://download.fedoralegacy.org/fedora/3/updates/i386/thunderbird-1.0 .8-1.1.fc3.4.legacy.i386.rpm

Fedora Legacy thunderbird-1.0.8-1.1.fc3.4.legacy.x86_64.rpm

Fedora Core 3:

http://download.fedoralegacy.org/fedora/3/updates/x86_64/thunderbird-1 .0.8-1.1.fc3.4.legacy.x86_64.rpm

Mozilla Firefox 1.0.4

Debian mozilla-firefox-dom-inspector_1.0.4-2sarge6_alpha.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla -firefox-dom-inspector_1.0.4-2sarge6_alpha.deb

Debian mozilla-firefox-dom-inspector_1.0.4-2sarge6_amd64.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla -firefox-dom-inspector_1.0.4-2sarge6_amd64.deb

Debian mozilla-firefox-dom-inspector_1.0.4-2sarge6_arm.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla -firefox-dom-inspector_1.0.4-2sarge6_arm.deb

Debian mozilla-firefox-dom-inspector_1.0.4-2sarge6_hppa.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla -firefox-dom-inspector_1.0.4-2sarge6_hppa.deb

Debian mozilla-firefox-dom-inspector_1.0.4-2sarge6_i386.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla -firefox-dom-inspector_1.0.4-2sarge6_i386.deb

Debian mozilla-firefox-dom-inspector_1.0.4-2sarge6_ia64.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla -firefox-dom-inspector_1.0.4-2sarge6_ia64.deb

Debian mozilla-firefox-dom-inspector_1.0.4-2sarge6_m68k.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla -firefox-dom-inspector_1.0.4-2sarge6_m68k.deb

Debian mozilla-firefox-dom-inspector_1.0.4-2sarge6_mips.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla -firefox-dom-inspector_1.0.4-2sarge6_mips.deb

Debian mozilla-firefox-dom-inspector_1.0.4-2sarge6_mipsel.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla -firefox-dom-inspector_1.0.4-2sarge6_mipsel.deb

Debian mozilla-firefox-dom-inspector_1.0.4-2sarge6_powerpc.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla -firefox-dom-inspector_1.0.4-2sarge6_powerpc.deb

Debian mozilla-firefox-dom-inspector_1.0.4-2sarge6_s390.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla -firefox-dom-inspector_1.0.4-2sarge6_s390.deb

Debian mozilla-firefox-dom-inspector_1.0.4-2sarge6_sparc.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla -firefox-dom-inspector_1.0.4-2sarge6_sparc.deb

Debian mozilla-firefox-gnome-support_1.0.4-2sarge6_alpha.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla -firefox-gnome-support_1.

来源: US-CERT

名称: VU#350262

链接:http://www.kb.cert.org/vuls/id/350262

来源: www.mozilla.org

链接:http://www.mozilla.org/security/announce/2006/mfsa2006-20.html

来源: BID

名称: 17516

链接:http://www.securityfocus.com/bid/17516

来源: HP

名称: HPSBUX02153

链接:http://www.securityfocus.com/archive/1/archive/1/446658/100/200/threaded

来源: HP

名称: SSRT061236

链接:http://www.securityfocus.com/archive/1/archive/1/446657/100/200/threaded

来源: VUPEN

名称: ADV-2008-0083

链接:http://www.frsirt.com/english/advisories/2008/0083

来源: VUPEN

名称: ADV-2006-3749

链接:http://www.frsirt.com/english/advisories/2006/3749

来源: VUPEN

名称: ADV-2006-3748

链接:http://www.frsirt.com/english/advisories/2006/3748

来源: VUPEN

名称: ADV-2006-1356

链接:http://www.frsirt.com/english/advisories/2006/1356

来源: DEBIAN

名称: DSA-1051

链接:http://www.debian.org/security/2006/dsa-1051

来源: DEBIAN

名称: DSA-1046

链接:http://www.debian.org/security/2006/dsa-1046

来源: SECTRACK

名称: 1015921

链接:http://securitytracker.com/id?1015921

来源: SECTRACK

名称: 1015920

链接:http://securitytracker.com/id?1015920

来源: SECTRACK

名称: 1015919

链接:http://securitytracker.com/id?1015919

来源: SECUNIA

名称: 22066

链接:http://secunia.com/advisories/22066

来源: SECUNIA

名称: 22065

链接:http://secunia.com/advisories/22065

来源: SECUNIA

名称: 21033

链接:http://secunia.com/advisories/21033

来源: SECUNIA

名称: 19941

链接:http://secunia.com/advisories/19941

来源: SECUNIA

名称: 19863

链接:http://secunia.com/advisories/19863

来源: SECUNIA

名称: 19649

链接:http://secunia.com/advisories/19649

来源: SECUNIA

名称: 19631

链接:http://secunia.com/advisories/19631

来源: SCO

名称: SCOSA-2006.26

链接:ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt

来源: US Government Resource: oval:org.mitre.oval:def:1574

名称: oval:org.mitre.oval:def:1574

链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1574