CyberSec.Space Logo
CVEブラウザに戻る

CVE-2006-1790

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0310%
EPSS Percentile39.80th
Published2006年4月14日
Last Modified2026年4月16日

Vulnerability Description

A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption.

Affected Platforms (CPE)

📦
Mozilla

Firefox

= 1.0.7

References & Advisories

🔗 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
🔗 ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
🔗 http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
🔗 http://secunia.com/advisories/19631
🔗 http://secunia.com/advisories/19714
🔗 http://secunia.com/advisories/19721
🔗 http://secunia.com/advisories/19729
🔗 http://secunia.com/advisories/19746

関連する脆弱性情報

CVE-2019-1170810.0

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the no...

CVE-2019-2513610.0

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and ...

CVE-2018-1850510.0

An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication betwee...

CVE-2020-1238810.0

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this iss...