====================================================== Name: CVE-2006-2779 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2779 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20060602 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2006/mfsa2006-32.html Reference: CERT-VN:VU#466673 Reference: URL:http://www.kb.cert.org/vuls/id/466673 Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented tree views," (4) BoxObjects, (5) the XBL implementation, (6) an iframe that attempts to remove itself, which leads to memory corruption. ====================================================== Name: CVE-2006-2780 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2780 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20060602 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2006/mfsa2006-32.html Reference: CERT-VN:VU#466673 Reference: URL:http://www.kb.cert.org/vuls/id/466673 Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "jsstr tagify," which leads to memory corruption. ====================================================== Name: CVE-2006-2781 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2781 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20060602 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2006/mfsa2006-40.html Double-free vulnerability in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters. ====================================================== Name: CVE-2006-2782 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2782 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20060602 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2006/mfsa2006-41.html Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control. ====================================================== Name: CVE-2006-2783 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2783 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20060602 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2006/mfsa2006-42.html Mozilla Firefox and Thunderbird before 1.5.0.4 strips the Unicode Byte-order-Mark (BOM) from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a BOM sequence in the middle of a dangerous tag such as SCRIPT. ====================================================== Name: CVE-2006-2784 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2784 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20060602 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2006/mfsa2006-36.html The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-complicit attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascript: URLs. NOTE: the manual install button is used for downloading software from a remote web site, so this issue would not cross privilege boundaries if the user progresses to the point of installing malicious software from the attacker-controlled site. ====================================================== Name: CVE-2006-2785 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2785 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20060602 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2006/mfsa2006-34.html Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-complicit remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a "View Image" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting "Show only this frame" on a frame whose SRC attribute contains a Javascript URL.
