CVE-2006-6499

N/A Unknown
Published: December 20, 2006 Modified: April 23, 2026
View on NVD

Description

The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
Source: secalert@redhat.com
Broken Link
http://secunia.com/advisories/23282
Source: secalert@redhat.com
Broken Link Third Party Advisory
http://secunia.com/advisories/23420
Source: secalert@redhat.com
Broken Link Third Party Advisory
http://secunia.com/advisories/23422
Source: secalert@redhat.com
Broken Link Third Party Advisory
http://secunia.com/advisories/23545
Source: secalert@redhat.com
Broken Link Third Party Advisory
http://secunia.com/advisories/23589
Source: secalert@redhat.com
Broken Link Third Party Advisory
http://secunia.com/advisories/23591
Source: secalert@redhat.com
Broken Link Third Party Advisory
http://secunia.com/advisories/23614
Source: secalert@redhat.com
Broken Link Third Party Advisory
http://secunia.com/advisories/23672
Source: secalert@redhat.com
Broken Link Third Party Advisory
http://secunia.com/advisories/23692
Source: secalert@redhat.com
Broken Link Third Party Advisory
http://secunia.com/advisories/23988
Source: secalert@redhat.com
Broken Link Third Party Advisory
http://secunia.com/advisories/24078
Source: secalert@redhat.com
Broken Link Third Party Advisory
http://secunia.com/advisories/24390
Source: secalert@redhat.com
Broken Link Third Party Advisory
http://security.gentoo.org/glsa/glsa-200701-02.xml
Source: secalert@redhat.com
Broken Link Third Party Advisory
http://securitytracker.com/id?1017398
Source: secalert@redhat.com
Broken Link Third Party Advisory VDB Entry
http://securitytracker.com/id?1017405
Source: secalert@redhat.com
Broken Link Third Party Advisory VDB Entry
http://securitytracker.com/id?1017406
Source: secalert@redhat.com
Broken Link Third Party Advisory VDB Entry
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102846-1
Source: secalert@redhat.com
Broken Link
http://www.debian.org/security/2007/dsa-1253
Source: secalert@redhat.com
Third Party Advisory
http://www.debian.org/security/2007/dsa-1258
Source: secalert@redhat.com
Third Party Advisory
http://www.debian.org/security/2007/dsa-1265
Source: secalert@redhat.com
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml
Source: secalert@redhat.com
Third Party Advisory
http://www.kb.cert.org/vuls/id/427972
Source: secalert@redhat.com
Third Party Advisory US Government Resource
http://www.mozilla.org/security/announce/2006/mfsa2006-68.html
Source: secalert@redhat.com
Vendor Advisory
http://www.novell.com/linux/security/advisories/2006_80_mozilla.html
Source: secalert@redhat.com
Broken Link
http://www.novell.com/linux/security/advisories/2007_06_mozilla.html
Source: secalert@redhat.com
Broken Link
http://www.securityfocus.com/bid/21668
Source: secalert@redhat.com
Broken Link Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-398-1
Source: secalert@redhat.com
Third Party Advisory
http://www.ubuntu.com/usn/usn-398-2
Source: secalert@redhat.com
Third Party Advisory
http://www.ubuntu.com/usn/usn-400-1
Source: secalert@redhat.com
Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA06-354A.html
Source: secalert@redhat.com
Broken Link Third Party Advisory US Government Resource
http://www.vupen.com/english/advisories/2006/5068
Source: secalert@redhat.com
Broken Link Third Party Advisory
http://www.vupen.com/english/advisories/2007/1124
Source: secalert@redhat.com
Broken Link Third Party Advisory
http://www.vupen.com/english/advisories/2008/0083
Source: secalert@redhat.com
Broken Link Third Party Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/23282
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/23420
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/23422
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/23545
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/23589
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/23591
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/23614
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/23672
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/23692
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/23988
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/24078
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/24390
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://security.gentoo.org/glsa/glsa-200701-02.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://securitytracker.com/id?1017398
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory VDB Entry
http://securitytracker.com/id?1017405
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory VDB Entry
http://securitytracker.com/id?1017406
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory VDB Entry
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102846-1
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.debian.org/security/2007/dsa-1253
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2007/dsa-1258
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2007/dsa-1265
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.kb.cert.org/vuls/id/427972
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory US Government Resource
http://www.mozilla.org/security/announce/2006/mfsa2006-68.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.novell.com/linux/security/advisories/2006_80_mozilla.html
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.novell.com/linux/security/advisories/2007_06_mozilla.html
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.securityfocus.com/bid/21668
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-398-1
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.ubuntu.com/usn/usn-398-2
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.ubuntu.com/usn/usn-400-1
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA06-354A.html
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory US Government Resource
http://www.vupen.com/english/advisories/2006/5068
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://www.vupen.com/english/advisories/2007/1124
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://www.vupen.com/english/advisories/2008/0083
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory

68 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
13.7%
94th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-835

Affected Vendors

debian canonical mozilla

Related CVEs

CVE-2026-7513 8.8
CVE-2026-7512 8.8
CVE-2026-5656 7.0
CVE-2026-5405 7.8
CVE-2026-5404 4.7