JVN/CVE Demo: Cveinfos

CVE

Id: 16400
CVE No.: CVE-2006-0296
Status: Candidate
Description: The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the user"s localstore.rdf file.
Phase: Assigned (20060118)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
131119	16400	CVE-2006-0296	CONFIRM:http://www.mozilla.org/security/announce/2006/mfsa2006-05.html	View
131120	16400	CVE-2006-0296	CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=319847	View
131121	16400	CVE-2006-0296	CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm	View
131122	16400	CVE-2006-0296	DEBIAN:DSA-1044	View
131123	16400	CVE-2006-0296	URL:http://www.debian.org/security/2006/dsa-1044	View
131124	16400	CVE-2006-0296	DEBIAN:DSA-1046	View
131125	16400	CVE-2006-0296	URL:http://www.debian.org/security/2006/dsa-1046	View
131126	16400	CVE-2006-0296	DEBIAN:DSA-1051	View
131127	16400	CVE-2006-0296	URL:http://www.debian.org/security/2006/dsa-1051	View
131128	16400	CVE-2006-0296	FEDORA:FEDORA-2006-075	View
131129	16400	CVE-2006-0296	URL:http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00005.html	View
131130	16400	CVE-2006-0296	FEDORA:FEDORA-2006-076	View
131131	16400	CVE-2006-0296	URL:http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00006.html	View
131132	16400	CVE-2006-0296	FEDORA:FLSA-2006:180036-2	View
131133	16400	CVE-2006-0296	URL:http://www.securityfocus.com/archive/1/archive/1/425978/100/0/threaded	View
131134	16400	CVE-2006-0296	FEDORA:FLSA:180036-1	View
131135	16400	CVE-2006-0296	URL:http://www.securityfocus.com/archive/1/archive/1/425975/100/0/threaded	View
131136	16400	CVE-2006-0296	GENTOO:GLSA-200604-12	View
131137	16400	CVE-2006-0296	URL:http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml	View
131138	16400	CVE-2006-0296	GENTOO:GLSA-200604-18	View
131139	16400	CVE-2006-0296	URL:http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml	View
131140	16400	CVE-2006-0296	GENTOO:GLSA-200605-09	View
131141	16400	CVE-2006-0296	URL:http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml	View
131142	16400	CVE-2006-0296	HP:HPSBUX02122	View
131143	16400	CVE-2006-0296	URL:http://www.securityfocus.com/archive/1/archive/1/438730/100/0/threaded	View
131144	16400	CVE-2006-0296	HP:SSRT061158	View
131145	16400	CVE-2006-0296	URL:http://www.securityfocus.com/archive/1/archive/1/438730/100/0/threaded	View
131146	16400	CVE-2006-0296	HP:HPSBUX02156	View
131147	16400	CVE-2006-0296	URL:http://www.securityfocus.com/archive/1/archive/1/446657/100/200/threaded	View
131148	16400	CVE-2006-0296	HP:SSRT061236	View
131149	16400	CVE-2006-0296	URL:http://www.securityfocus.com/archive/1/archive/1/446657/100/200/threaded	View
131150	16400	CVE-2006-0296	MANDRIVA:MDKSA-2006:036	View
131151	16400	CVE-2006-0296	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:036	View
131152	16400	CVE-2006-0296	MANDRIVA:MDKSA-2006:078	View
131153	16400	CVE-2006-0296	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:078	View
131154	16400	CVE-2006-0296	MANDRIVA:MDKSA-2006:037	View
131155	16400	CVE-2006-0296	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:037	View
131156	16400	CVE-2006-0296	REDHAT:RHSA-2006:0199	View
131157	16400	CVE-2006-0296	URL:http://www.redhat.com/support/errata/RHSA-2006-0199.html	View
131158	16400	CVE-2006-0296	REDHAT:RHSA-2006:0200	View
131159	16400	CVE-2006-0296	URL:http://www.redhat.com/support/errata/RHSA-2006-0200.html	View
131160	16400	CVE-2006-0296	REDHAT:RHSA-2006:0330	View
131161	16400	CVE-2006-0296	URL:http://www.redhat.com/support/errata/RHSA-2006-0330.html	View
131162	16400	CVE-2006-0296	SCO:SCOSA-2006.26	View
131163	16400	CVE-2006-0296	URL:ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt	View
131164	16400	CVE-2006-0296	SGI:20060201-01-U	View
131165	16400	CVE-2006-0296	URL:ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U	View
131166	16400	CVE-2006-0296	SUNALERT:102550	View
131167	16400	CVE-2006-0296	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1	View
131168	16400	CVE-2006-0296	SUNALERT:228526	View
131169	16400	CVE-2006-0296	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1	View
131170	16400	CVE-2006-0296	SUSE:SUSE-SA:2006:022	View
131171	16400	CVE-2006-0296	URL:http://www.novell.com/linux/security/advisories/2006_04_25.html	View
131172	16400	CVE-2006-0296	UBUNTU:USN-275-1	View
131173	16400	CVE-2006-0296	URL:http://www.ubuntulinux.org/support/documentation/usn/usn-275-1	View
131174	16400	CVE-2006-0296	UBUNTU:USN-276-1	View
131175	16400	CVE-2006-0296	URL:http://www.ubuntulinux.org/support/documentation/usn/usn-276-1	View
131176	16400	CVE-2006-0296	UBUNTU:USN-271-1	View
131177	16400	CVE-2006-0296	URL:http://www.ubuntulinux.org/support/documentation/usn/usn-271-1	View
131178	16400	CVE-2006-0296	CERT:TA06-038A	View
131179	16400	CVE-2006-0296	URL:http://www.us-cert.gov/cas/techalerts/TA06-038A.html	View
131180	16400	CVE-2006-0296	CERT-VN:VU#592425	View
131181	16400	CVE-2006-0296	URL:http://www.kb.cert.org/vuls/id/592425	View
131182	16400	CVE-2006-0296	BID:16476	View
131183	16400	CVE-2006-0296	URL:http://www.securityfocus.com/bid/16476	View
131184	16400	CVE-2006-0296	OVAL:oval:org.mitre.oval:def:11803	View
131185	16400	CVE-2006-0296	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11803	View
131186	16400	CVE-2006-0296	VUPEN:ADV-2006-0413	View
131187	16400	CVE-2006-0296	URL:http://www.vupen.com/english/advisories/2006/0413	View
131188	16400	CVE-2006-0296	VUPEN:ADV-2006-3391	View
131189	16400	CVE-2006-0296	URL:http://www.vupen.com/english/advisories/2006/3391	View
131190	16400	CVE-2006-0296	VUPEN:ADV-2006-3749	View
131191	16400	CVE-2006-0296	URL:http://www.vupen.com/english/advisories/2006/3749	View
131192	16400	CVE-2006-0296	OVAL:oval:org.mitre.oval:def:1493	View
131193	16400	CVE-2006-0296	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1493	View
131194	16400	CVE-2006-0296	SECTRACK:1015570	View
131195	16400	CVE-2006-0296	URL:http://securitytracker.com/id?1015570	View
131196	16400	CVE-2006-0296	SECUNIA:18700	View
131197	16400	CVE-2006-0296	URL:http://secunia.com/advisories/18700	View
131198	16400	CVE-2006-0296	SECUNIA:18703	View
131199	16400	CVE-2006-0296	URL:http://secunia.com/advisories/18703	View
131200	16400	CVE-2006-0296	SECUNIA:18704	View
131201	16400	CVE-2006-0296	URL:http://secunia.com/advisories/18704	View
131202	16400	CVE-2006-0296	SECUNIA:18708	View
131203	16400	CVE-2006-0296	URL:http://secunia.com/advisories/18708	View
131204	16400	CVE-2006-0296	SECUNIA:18709	View
131205	16400	CVE-2006-0296	URL:http://secunia.com/advisories/18709	View
131206	16400	CVE-2006-0296	SECUNIA:18705	View
131207	16400	CVE-2006-0296	URL:http://secunia.com/advisories/18705	View
131208	16400	CVE-2006-0296	SECUNIA:18706	View
131209	16400	CVE-2006-0296	URL:http://secunia.com/advisories/18706	View
131210	16400	CVE-2006-0296	SECUNIA:19230	View
131211	16400	CVE-2006-0296	URL:http://secunia.com/advisories/19230	View
131212	16400	CVE-2006-0296	SECUNIA:19759	View
131213	16400	CVE-2006-0296	URL:http://secunia.com/advisories/19759	View
131214	16400	CVE-2006-0296	SECUNIA:19821	View
131215	16400	CVE-2006-0296	URL:http://secunia.com/advisories/19821	View
131216	16400	CVE-2006-0296	SECUNIA:19823	View
131217	16400	CVE-2006-0296	URL:http://secunia.com/advisories/19823	View
131218	16400	CVE-2006-0296	SECUNIA:19852	View
131219	16400	CVE-2006-0296	URL:http://secunia.com/advisories/19852	View
131220	16400	CVE-2006-0296	SECUNIA:19862	View
131221	16400	CVE-2006-0296	URL:http://secunia.com/advisories/19862	View
131222	16400	CVE-2006-0296	SECUNIA:19863	View
131223	16400	CVE-2006-0296	URL:http://secunia.com/advisories/19863	View
131224	16400	CVE-2006-0296	SECUNIA:19902	View
131225	16400	CVE-2006-0296	URL:http://secunia.com/advisories/19902	View
131226	16400	CVE-2006-0296	SECUNIA:19950	View
131227	16400	CVE-2006-0296	URL:http://secunia.com/advisories/19950	View
131228	16400	CVE-2006-0296	SECUNIA:19941	View
131229	16400	CVE-2006-0296	URL:http://secunia.com/advisories/19941	View
131230	16400	CVE-2006-0296	SECUNIA:19746	View
131231	16400	CVE-2006-0296	URL:http://secunia.com/advisories/19746	View
131232	16400	CVE-2006-0296	SECUNIA:21033	View
131233	16400	CVE-2006-0296	URL:http://secunia.com/advisories/21033	View
131234	16400	CVE-2006-0296	SECUNIA:21622	View
131235	16400	CVE-2006-0296	URL:http://secunia.com/advisories/21622	View
131236	16400	CVE-2006-0296	SECUNIA:19780	View
131237	16400	CVE-2006-0296	URL:http://secunia.com/advisories/19780	View
131238	16400	CVE-2006-0296	SECUNIA:20051	View
131239	16400	CVE-2006-0296	URL:http://secunia.com/advisories/20051	View
131240	16400	CVE-2006-0296	SECUNIA:22065	View
131241	16400	CVE-2006-0296	URL:http://secunia.com/advisories/22065	View
131242	16400	CVE-2006-0296	XF:mozilla-xuldocument-command-execution(24434)	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
57888	JVNDB-2006-000084	Mozilla 製品の XML パーサにおけるサービス運用妨害 (DoS) の脆弱性	------------	CVE-2006-0298	16400	5		http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000084.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.45 MB
View render complete	3.06 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.70
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	827.58
Event: Controller.beforeRender	5.37
» Processing toolbar data	5.24
Rendering View	34.20
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	32.89
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.76
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.14
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/16400
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/16400
Remote Port	48321
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.173
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.3.25.50
Http Via	1.1 squid-proxy-5b5d847c96-mtcd4 (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.173
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.173
Unique Id	aMSpoyxE3qisguW7dKHk3QAAAig
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.173
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.173
Redirect Unique Id	aMSpoyxE3qisguW7dKHk3QAAAig
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.173
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.173
Redirect Redirect Unique Id	aMSpoyxE3qisguW7dKHk3QAAAig
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1757718947.9414
Request Time	1757718947

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files