CVE-2006-6501
UnknownEPSS 2.83%
Last modified
CVE-2006-6501 is a vulnerability of currently unknown severity. Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function.. EPSS estimates a 2.83% chance of exploitation in the next 30 days.
Description
Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Mozilla | Firefox | >= 1.5, < 1.5.0.9 |
| Mozilla | Firefox | >= 2.0, < 2.0.0.1 |
| Mozilla | Seamonkey | < 1.0.7 |
| Mozilla | Thunderbird | < 1.5.0.9 |
| Debian | Debian Linux | 3.1 |
| Debian | Debian Linux | 4.0 |
| Canonical | Ubuntu Linux | 5.10 |
| Canonical | Ubuntu Linux | 6.06 |
| Canonical | Ubuntu Linux | 6.10 |
References
- http://fedoranews.org/cms/node/2297Broken Link
- http://fedoranews.org/cms/node/2338Broken Link
- http://rhn.redhat.com/errata/RHSA-2006-0758.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2006-0759.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2006-0760.htmlThird Party Advisory
- http://secunia.com/advisories/23282Third Party Advisory
- http://secunia.com/advisories/23420Third Party Advisory
- http://secunia.com/advisories/23422Third Party Advisory
- http://secunia.com/advisories/23433Third Party Advisory
- http://secunia.com/advisories/23439Third Party Advisory
- http://secunia.com/advisories/23440Third Party Advisory
- http://secunia.com/advisories/23468Third Party Advisory
- http://secunia.com/advisories/23514Third Party Advisory
- http://secunia.com/advisories/23545Third Party Advisory
- http://secunia.com/advisories/23589Third Party Advisory
- http://secunia.com/advisories/23591Third Party Advisory
- http://secunia.com/advisories/23598Third Party Advisory
- http://secunia.com/advisories/23601Third Party Advisory
- http://secunia.com/advisories/23614Third Party Advisory
- http://secunia.com/advisories/23618Third Party Advisory
- http://secunia.com/advisories/23672Third Party Advisory
- http://secunia.com/advisories/23692Third Party Advisory
- http://secunia.com/advisories/23988Third Party Advisory
- http://secunia.com/advisories/24078Third Party Advisory
- http://secunia.com/advisories/24390Third Party Advisory
- http://security.gentoo.org/glsa/glsa-200701-02.xmlThird Party Advisory
- http://securitytracker.com/id?1017403Third Party Advisory, VDB Entry
- http://securitytracker.com/id?1017404Third Party Advisory, VDB Entry
- http://securitytracker.com/id?1017407Third Party Advisory, VDB Entry
- http://www.debian.org/security/2007/dsa-1253Third Party Advisory
- http://www.debian.org/security/2007/dsa-1258Third Party Advisory
- http://www.debian.org/security/2007/dsa-1265Third Party Advisory
- http://www.gentoo.org/security/en/glsa/glsa-200701-03.xmlThird Party Advisory
- http://www.gentoo.org/security/en/glsa/glsa-200701-04.xmlThird Party Advisory
- http://www.kb.cert.org/vuls/id/263412Third Party Advisory, US Government Resource
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:010Third Party Advisory
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:011Third Party Advisory
- http://www.securityfocus.com/bid/21668Third Party Advisory, VDB Entry
- http://www.ubuntu.com/usn/usn-398-1Third Party Advisory
- http://www.ubuntu.com/usn/usn-398-2Third Party Advisory
- http://www.ubuntu.com/usn/usn-400-1Third Party Advisory
- http://www.us-cert.gov/cas/techalerts/TA06-354A.htmlThird Party Advisory, US Government Resource
- http://www.vupen.com/english/advisories/2006/5068Third Party Advisory
- http://www.vupen.com/english/advisories/2008/0083Third Party Advisory
- https://issues.rpath.com/browse/RPL-883Broken Link
- http://fedoranews.org/cms/node/2297Broken Link
- http://fedoranews.org/cms/node/2338Broken Link
- http://rhn.redhat.com/errata/RHSA-2006-0758.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2006-0759.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2006-0760.htmlThird Party Advisory
- http://secunia.com/advisories/23282Third Party Advisory
- http://secunia.com/advisories/23420Third Party Advisory
- http://secunia.com/advisories/23422Third Party Advisory
- http://secunia.com/advisories/23433Third Party Advisory
- http://secunia.com/advisories/23439Third Party Advisory
- http://secunia.com/advisories/23440Third Party Advisory
- http://secunia.com/advisories/23468Third Party Advisory
- http://secunia.com/advisories/23514Third Party Advisory
- http://secunia.com/advisories/23545Third Party Advisory
- http://secunia.com/advisories/23589Third Party Advisory
- http://secunia.com/advisories/23591Third Party Advisory
- http://secunia.com/advisories/23598Third Party Advisory
- http://secunia.com/advisories/23601Third Party Advisory
- http://secunia.com/advisories/23614Third Party Advisory
- http://secunia.com/advisories/23618Third Party Advisory
- http://secunia.com/advisories/23672Third Party Advisory
- http://secunia.com/advisories/23692Third Party Advisory
- http://secunia.com/advisories/23988Third Party Advisory
- http://secunia.com/advisories/24078Third Party Advisory
- http://secunia.com/advisories/24390Third Party Advisory
- http://security.gentoo.org/glsa/glsa-200701-02.xmlThird Party Advisory
- http://securitytracker.com/id?1017403Third Party Advisory, VDB Entry
- http://securitytracker.com/id?1017404Third Party Advisory, VDB Entry
- http://securitytracker.com/id?1017407Third Party Advisory, VDB Entry
- http://www.debian.org/security/2007/dsa-1253Third Party Advisory
- http://www.debian.org/security/2007/dsa-1258Third Party Advisory
- http://www.debian.org/security/2007/dsa-1265Third Party Advisory
- http://www.gentoo.org/security/en/glsa/glsa-200701-03.xmlThird Party Advisory
- http://www.gentoo.org/security/en/glsa/glsa-200701-04.xmlThird Party Advisory
- http://www.kb.cert.org/vuls/id/263412Third Party Advisory, US Government Resource
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:010Third Party Advisory
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:011Third Party Advisory
- http://www.securityfocus.com/bid/21668Third Party Advisory, VDB Entry
- http://www.ubuntu.com/usn/usn-398-1Third Party Advisory
- http://www.ubuntu.com/usn/usn-398-2Third Party Advisory
- http://www.ubuntu.com/usn/usn-400-1Third Party Advisory
- http://www.us-cert.gov/cas/techalerts/TA06-354A.htmlThird Party Advisory, US Government Resource
- http://www.vupen.com/english/advisories/2006/5068Third Party Advisory
- http://www.vupen.com/english/advisories/2008/0083Third Party Advisory
- https://issues.rpath.com/browse/RPL-883Broken Link
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2006-6501?
Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function.
How severe is CVE-2006-6501?
Severity scoring for CVE-2006-6501 is pending analysis. The EPSS model estimates a 2.83% probability of exploitation in the next 30 days.
How do I fix CVE-2006-6501?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2006-6501?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST