Unrated severityNVD Advisory· Published Dec 20, 2006· Updated Apr 23, 2026
CVE-2006-6499
CVE-2006-6499
Description
The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision.
Affected products
8cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
34- secunia.com/advisories/23282nvdBroken LinkThird Party Advisory
- secunia.com/advisories/23420nvdBroken LinkThird Party Advisory
- secunia.com/advisories/23422nvdBroken LinkThird Party Advisory
- secunia.com/advisories/23545nvdBroken LinkThird Party Advisory
- secunia.com/advisories/23589nvdBroken LinkThird Party Advisory
- secunia.com/advisories/23591nvdBroken LinkThird Party Advisory
- secunia.com/advisories/23614nvdBroken LinkThird Party Advisory
- secunia.com/advisories/23672nvdBroken LinkThird Party Advisory
- secunia.com/advisories/23692nvdBroken LinkThird Party Advisory
- secunia.com/advisories/23988nvdBroken LinkThird Party Advisory
- secunia.com/advisories/24078nvdBroken LinkThird Party Advisory
- secunia.com/advisories/24390nvdBroken LinkThird Party Advisory
- security.gentoo.org/glsa/glsa-200701-02.xmlnvdBroken LinkThird Party Advisory
- securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- www.debian.org/security/2007/dsa-1253nvdThird Party Advisory
- www.debian.org/security/2007/dsa-1258nvdThird Party Advisory
- www.debian.org/security/2007/dsa-1265nvdThird Party Advisory
- www.gentoo.org/security/en/glsa/glsa-200701-04.xmlnvdThird Party Advisory
- www.kb.cert.org/vuls/id/427972nvdThird Party AdvisoryUS Government Resource
- www.mozilla.org/security/announce/2006/mfsa2006-68.htmlnvdVendor Advisory
- www.securityfocus.com/bid/21668nvdBroken LinkThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/usn-398-1nvdThird Party Advisory
- www.ubuntu.com/usn/usn-398-2nvdThird Party Advisory
- www.ubuntu.com/usn/usn-400-1nvdThird Party Advisory
- www.us-cert.gov/cas/techalerts/TA06-354A.htmlnvdBroken LinkThird Party AdvisoryUS Government Resource
- www.vupen.com/english/advisories/2006/5068nvdBroken LinkThird Party Advisory
- www.vupen.com/english/advisories/2007/1124nvdBroken LinkThird Party Advisory
- www.vupen.com/english/advisories/2008/0083nvdBroken LinkThird Party Advisory
- h20000.www2.hp.com/bizsupport/TechSupport/Document.jspnvdBroken Link
- sunsolve.sun.com/search/document.donvdBroken Link
- www.novell.com/linux/security/advisories/2006_80_mozilla.htmlnvdBroken Link
- www.novell.com/linux/security/advisories/2007_06_mozilla.htmlnvdBroken Link
News mentions
0No linked articles in our index yet.