Vulnerability Note VU#427972
Mozilla denial of service vulnerability
Certain Mozilla products contain a denial-of-service vulnerability.
Certain Mozilla products contain a denial-of-service vulnerability that occurs because of an infinite loop in the js_dtoa function. Mozilla Firefox versions prior to 18.104.22.168, Thunderbird prior to 22.214.171.124, and other Mozilla products may be affected.
According to Mozilla Foundation Security Advisory 2006-68:
A remote unauthenticated attacker may be able to cause a denial-of-service condition.
The Mozilla Foundation has released upgrades that address this issue. See Mozilla Foundation Security Advisory 2006-68 for more information.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Mozilla||Affected||-||21 Dec 2006|
CVSS Metrics (Learn More)
Thanks to Igor Bukanov, Jesse Ruderman, moz_bug_r_a4, Mozilla for providing information that was used in this report.
This document was written by Ryan Giobbi.
- CVE IDs: CVE-2006-6499
- Date Public: 19 Dec 2006
- Date First Published: 18 Jan 2007
- Date Last Updated: 04 Jun 2007
- Severity Metric: 0.30
- Document Revision: 41
If you have feedback, comments, or additional information about this vulnerability, please send us email.