CVE-2006-5633 - Denial of Service vulnerability in Mozilla Firefox Range Script Object
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | NONE |
Integrity impact | NONE |
Availability impact | PARTIAL |
Summary
Firefox 1.5.0.7 and 2.0, and SeaMonkey 1.1b, allow remote attackers to cause a denial of service (crash) by creating a range object using createRange, calling selectNode on a DocType node (DOCUMENT_TYPE_NODE), then calling createContextualFragment on the range, which triggers a null dereference. NOTE: the original Bugtraq post mentioned that code execution was possible, but follow-up analysis has shown that it is only a null dereference.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 3 |
Exploit-Db
description | Mozilla Firefox <= 1.5.0.7/ 2.0 (createRange) Remote DoS Exploit. CVE-2006-5633. Dos exploits for multiple platform |
id | EDB-ID:2695 |
last seen | 2016-01-31 |
modified | 2006-10-31 |
published | 2006-10-31 |
reporter | Gotfault Security |
source | https://www.exploit-db.com/download/2695/ |
title | Mozilla Firefox <= 1.5.0.7/ 2.0 createRange Remote DoS Exploit |
Statements
contributor | Joshua Bressers |
lastmodified | 2006-11-07 |
organization | Red Hat |
statement | Red Hat does not consider a user-assisted crash of a client application such as Firefox to be a security issue. |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050416.html
- http://www.gotfault.net/research/advisory/gadv-firefox.txt
- http://www.securityfocus.com/archive/1/450155/100/0/threaded
- http://www.securityfocus.com/archive/1/450167/100/0/threaded
- http://www.securityfocus.com/archive/1/450168/100/0/threaded
- http://www.securityfocus.com/archive/1/450682/100/200/threaded
- http://www.securityfocus.com/archive/1/452803/100/0/threaded
- http://www.securityfocus.com/bid/20799
- https://bugzilla.mozilla.org/show_bug.cgi?id=358797
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=213237
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29916