{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2006-04-24T00:00:00.000Z","descriptions":[{"lang":"en","value":"Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain Javascript that is not properly handled by the contentWindow.focus method in an iframe, which causes a reference to a deleted controller context object.  NOTE: this was originally claimed to be a buffer overflow in (1) js320.dll and (2) xpcom_core.dll, but the vendor disputes this claim."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-18T14:57:01.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"20214","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/20214"},{"name":"19802","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/19802"},{"name":"ADV-2006-3748","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2006/3748"},{"name":"oval:org.mitre.oval:def:1790","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1790"},{"name":"SSRT061145","tags":["vendor-advisory","x_refsource_HP"],"url":"http://www.securityfocus.com/archive/1/434524/100/0/threaded"},{"name":"20019","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/20019"},{"tags":["x_refsource_MISC"],"url":"http://www.securident.com/vuln/ff.txt"},{"name":"17671","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/17671"},{"name":"GLSA-200605-06","tags":["vendor-advisory","x_refsource_GENTOO"],"url":"http://www.gentoo.org/security/en/glsa/glsa-200605-06.xml"},{"name":"firefox-iframe-contentwindowfocus-bo(25994)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/25994"},{"name":"ADV-2006-1922","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2006/1922"},{"name":"HPSBTU02118","tags":["vendor-advisory","x_refsource_HP"],"url":"http://www.securityfocus.com/archive/1/434524/100/0/threaded"},{"name":"DSA-1055","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2006/dsa-1055"},{"name":"VU#866300","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"http://www.kb.cert.org/vuls/id/866300"},{"name":"20015","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/20015"},{"name":"1015981","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1015981"},{"name":"ADV-2008-0083","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2008/0083"},{"name":"ADV-2006-1614","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2006/1614"},{"name":"SSRT061181","tags":["vendor-advisory","x_refsource_HP"],"url":"http://www.securityfocus.com/archive/1/446658/100/200/threaded"},{"name":"20060424 Firefox Remote Code Execution and DoS 1.5.0.2","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/431878/100/0/threaded"},{"name":"HPSBUX02153","tags":["vendor-advisory","x_refsource_HP"],"url":"http://www.securityfocus.com/archive/1/446658/100/200/threaded"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.mozilla.org/security/announce/2006/mfsa2006-30.html"},{"name":"22066","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/22066"},{"name":"20070","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/20070"},{"name":"DSA-1053","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2006/dsa-1053"},{"name":"780","tags":["third-party-advisory","x_refsource_SREASON"],"url":"http://securityreason.com/securityalert/780"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"secalert@redhat.com","ID":"CVE-2006-1993","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain Javascript that is not properly handled by the contentWindow.focus method in an iframe, which causes a reference to a deleted controller context object.  NOTE: this was originally claimed to be a buffer overflow in (1) js320.dll and (2) xpcom_core.dll, but the vendor disputes this claim."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"20214","refsource":"SECUNIA","url":"http://secunia.com/advisories/20214"},{"name":"19802","refsource":"SECUNIA","url":"http://secunia.com/advisories/19802"},{"name":"ADV-2006-3748","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2006/3748"},{"name":"oval:org.mitre.oval:def:1790","refsource":"OVAL","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1790"},{"name":"SSRT061145","refsource":"HP","url":"http://www.securityfocus.com/archive/1/434524/100/0/threaded"},{"name":"20019","refsource":"SECUNIA","url":"http://secunia.com/advisories/20019"},{"name":"http://www.securident.com/vuln/ff.txt","refsource":"MISC","url":"http://www.securident.com/vuln/ff.txt"},{"name":"17671","refsource":"BID","url":"http://www.securityfocus.com/bid/17671"},{"name":"GLSA-200605-06","refsource":"GENTOO","url":"http://www.gentoo.org/security/en/glsa/glsa-200605-06.xml"},{"name":"firefox-iframe-contentwindowfocus-bo(25994)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/25994"},{"name":"ADV-2006-1922","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2006/1922"},{"name":"HPSBTU02118","refsource":"HP","url":"http://www.securityfocus.com/archive/1/434524/100/0/threaded"},{"name":"DSA-1055","refsource":"DEBIAN","url":"http://www.debian.org/security/2006/dsa-1055"},{"name":"VU#866300","refsource":"CERT-VN","url":"http://www.kb.cert.org/vuls/id/866300"},{"name":"20015","refsource":"SECUNIA","url":"http://secunia.com/advisories/20015"},{"name":"1015981","refsource":"SECTRACK","url":"http://securitytracker.com/id?1015981"},{"name":"ADV-2008-0083","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2008/0083"},{"name":"ADV-2006-1614","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2006/1614"},{"name":"SSRT061181","refsource":"HP","url":"http://www.securityfocus.com/archive/1/446658/100/200/threaded"},{"name":"20060424 Firefox Remote Code Execution and DoS 1.5.0.2","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/431878/100/0/threaded"},{"name":"HPSBUX02153","refsource":"HP","url":"http://www.securityfocus.com/archive/1/446658/100/200/threaded"},{"name":"http://www.mozilla.org/security/announce/2006/mfsa2006-30.html","refsource":"CONFIRM","url":"http://www.mozilla.org/security/announce/2006/mfsa2006-30.html"},{"name":"22066","refsource":"SECUNIA","url":"http://secunia.com/advisories/22066"},{"name":"20070","refsource":"SECUNIA","url":"http://secunia.com/advisories/20070"},{"name":"DSA-1053","refsource":"DEBIAN","url":"http://www.debian.org/security/2006/dsa-1053"},{"name":"780","refsource":"SREASON","url":"http://securityreason.com/securityalert/780"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-07T17:35:30.681Z"},"title":"CVE Program Container","references":[{"name":"20214","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/20214"},{"name":"19802","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/19802"},{"name":"ADV-2006-3748","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2006/3748"},{"name":"oval:org.mitre.oval:def:1790","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1790"},{"name":"SSRT061145","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://www.securityfocus.com/archive/1/434524/100/0/threaded"},{"name":"20019","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/20019"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.securident.com/vuln/ff.txt"},{"name":"17671","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/17671"},{"name":"GLSA-200605-06","tags":["vendor-advisory","x_refsource_GENTOO","x_transferred"],"url":"http://www.gentoo.org/security/en/glsa/glsa-200605-06.xml"},{"name":"firefox-iframe-contentwindowfocus-bo(25994)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/25994"},{"name":"ADV-2006-1922","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2006/1922"},{"name":"HPSBTU02118","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://www.securityfocus.com/archive/1/434524/100/0/threaded"},{"name":"DSA-1055","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2006/dsa-1055"},{"name":"VU#866300","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"http://www.kb.cert.org/vuls/id/866300"},{"name":"20015","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/20015"},{"name":"1015981","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1015981"},{"name":"ADV-2008-0083","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2008/0083"},{"name":"ADV-2006-1614","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2006/1614"},{"name":"SSRT061181","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://www.securityfocus.com/archive/1/446658/100/200/threaded"},{"name":"20060424 Firefox Remote Code Execution and DoS 1.5.0.2","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/431878/100/0/threaded"},{"name":"HPSBUX02153","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://www.securityfocus.com/archive/1/446658/100/200/threaded"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.mozilla.org/security/announce/2006/mfsa2006-30.html"},{"name":"22066","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/22066"},{"name":"20070","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/20070"},{"name":"DSA-1053","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2006/dsa-1053"},{"name":"780","tags":["third-party-advisory","x_refsource_SREASON","x_transferred"],"url":"http://securityreason.com/securityalert/780"}]}]},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2006-1993","datePublished":"2006-04-25T10:00:00.000Z","dateReserved":"2006-04-25T00:00:00.000Z","dateUpdated":"2024-08-07T17:35:30.681Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}