CVE-2006-6497

Name: CVE-2006-6497
Creator: NVD / NIST
Published: 2006-12-20T01:28:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 4.29%

Last modified Jun 16, 2026

CVE-2006-6497 is a vulnerability of currently unknown severity. Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown attack vectors.. EPSS estimates a 4.29% chance of exploitation in the next 30 days.

Description

Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown attack vectors.

Metrics

EPSS Probability

4.29%

89.9th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Mozilla	Firefox	<= 1.5.0.8
Mozilla	Firefox	2.0
Mozilla	Seamonkey	<= 1.5.0.8
Mozilla	Thunderbird	<= 1.5.0.8

References

ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc
http://fedoranews.org/cms/node/2297
http://fedoranews.org/cms/node/2338
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
http://rhn.redhat.com/errata/RHSA-2006-0758.htmlVendor Advisory
http://rhn.redhat.com/errata/RHSA-2006-0759.htmlVendor Advisory
http://rhn.redhat.com/errata/RHSA-2006-0760.html
http://secunia.com/advisories/23282Vendor Advisory
http://secunia.com/advisories/23420Vendor Advisory
http://secunia.com/advisories/23422Vendor Advisory
http://secunia.com/advisories/23433Vendor Advisory
http://secunia.com/advisories/23439Vendor Advisory
http://secunia.com/advisories/23440Vendor Advisory
http://secunia.com/advisories/23468Vendor Advisory
http://secunia.com/advisories/23514Vendor Advisory
http://secunia.com/advisories/23545Vendor Advisory
http://secunia.com/advisories/23589Vendor Advisory
http://secunia.com/advisories/23591Vendor Advisory
http://secunia.com/advisories/23598Vendor Advisory
http://secunia.com/advisories/23601Vendor Advisory
http://secunia.com/advisories/23614Vendor Advisory
http://secunia.com/advisories/23618Vendor Advisory
http://secunia.com/advisories/23672Vendor Advisory
http://secunia.com/advisories/23692Vendor Advisory
http://secunia.com/advisories/23988Vendor Advisory
http://secunia.com/advisories/24078Vendor Advisory
http://secunia.com/advisories/24390Vendor Advisory
http://secunia.com/advisories/24948
http://security.gentoo.org/glsa/glsa-200701-02.xml
http://securitytracker.com/id?1017398
http://securitytracker.com/id?1017405
http://securitytracker.com/id?1017406
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102885-1
http://www.debian.org/security/2007/dsa-1253
http://www.debian.org/security/2007/dsa-1258
http://www.debian.org/security/2007/dsa-1265
http://www.gentoo.org/security/en/glsa/glsa-200701-03.xml
http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml
http://www.kb.cert.org/vuls/id/427972US Government Resource
http://www.kb.cert.org/vuls/id/606260US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2007:010
http://www.mandriva.com/security/advisories?name=MDKSA-2007:011
http://www.mozilla.org/security/announce/2006/mfsa2006-68.htmlVendor Advisory
http://www.novell.com/linux/security/advisories/2006_80_mozilla.html
http://www.novell.com/linux/security/advisories/2007_06_mozilla.html
http://www.securityfocus.com/archive/1/455145/100/0/threaded
http://www.securityfocus.com/archive/1/455728/100/200/threaded
http://www.securityfocus.com/bid/21668
http://www.ubuntu.com/usn/usn-398-1
http://www.ubuntu.com/usn/usn-398-2
http://www.ubuntu.com/usn/usn-400-1
http://www.us-cert.gov/cas/techalerts/TA06-354A.htmlUS Government Resource
http://www.vupen.com/english/advisories/2006/5068
http://www.vupen.com/english/advisories/2007/1463
http://www.vupen.com/english/advisories/2008/0083
https://issues.rpath.com/browse/RPL-883
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11691
ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc
http://fedoranews.org/cms/node/2297
http://fedoranews.org/cms/node/2338
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
http://rhn.redhat.com/errata/RHSA-2006-0758.htmlVendor Advisory
http://rhn.redhat.com/errata/RHSA-2006-0759.htmlVendor Advisory
http://rhn.redhat.com/errata/RHSA-2006-0760.html
http://secunia.com/advisories/23282Vendor Advisory
http://secunia.com/advisories/23420Vendor Advisory
http://secunia.com/advisories/23422Vendor Advisory
http://secunia.com/advisories/23433Vendor Advisory
http://secunia.com/advisories/23439Vendor Advisory
http://secunia.com/advisories/23440Vendor Advisory
http://secunia.com/advisories/23468Vendor Advisory
http://secunia.com/advisories/23514Vendor Advisory
http://secunia.com/advisories/23545Vendor Advisory
http://secunia.com/advisories/23589Vendor Advisory
http://secunia.com/advisories/23591Vendor Advisory
http://secunia.com/advisories/23598Vendor Advisory
http://secunia.com/advisories/23601Vendor Advisory
http://secunia.com/advisories/23614Vendor Advisory
http://secunia.com/advisories/23618Vendor Advisory
http://secunia.com/advisories/23672Vendor Advisory
http://secunia.com/advisories/23692Vendor Advisory
http://secunia.com/advisories/23988Vendor Advisory
http://secunia.com/advisories/24078Vendor Advisory
http://secunia.com/advisories/24390Vendor Advisory
http://secunia.com/advisories/24948
http://security.gentoo.org/glsa/glsa-200701-02.xml
http://securitytracker.com/id?1017398
http://securitytracker.com/id?1017405
http://securitytracker.com/id?1017406
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102885-1
http://www.debian.org/security/2007/dsa-1253
http://www.debian.org/security/2007/dsa-1258
http://www.debian.org/security/2007/dsa-1265
http://www.gentoo.org/security/en/glsa/glsa-200701-03.xml
http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml
http://www.kb.cert.org/vuls/id/427972US Government Resource
http://www.kb.cert.org/vuls/id/606260US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2007:010
http://www.mandriva.com/security/advisories?name=MDKSA-2007:011
http://www.mozilla.org/security/announce/2006/mfsa2006-68.htmlVendor Advisory
http://www.novell.com/linux/security/advisories/2006_80_mozilla.html
http://www.novell.com/linux/security/advisories/2007_06_mozilla.html
http://www.securityfocus.com/archive/1/455145/100/0/threaded
http://www.securityfocus.com/archive/1/455728/100/200/threaded
http://www.securityfocus.com/bid/21668
http://www.ubuntu.com/usn/usn-398-1
http://www.ubuntu.com/usn/usn-398-2
http://www.ubuntu.com/usn/usn-400-1
http://www.us-cert.gov/cas/techalerts/TA06-354A.htmlUS Government Resource
http://www.vupen.com/english/advisories/2006/5068
http://www.vupen.com/english/advisories/2007/1463
http://www.vupen.com/english/advisories/2008/0083
https://issues.rpath.com/browse/RPL-883
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11691

Timeline

Published: Dec 20, 2006
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2006-6497?

How severe is CVE-2006-6497?

Severity scoring for CVE-2006-6497 is pending analysis. The EPSS model estimates a 4.29% probability of exploitation in the next 30 days.

How do I fix CVE-2006-6497?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-6497?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST