{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2539?format=json","vulnerability_id":"VCID-2sdu-6918-myba","summary":"Garbage collection hazards have been found in the JavaScript\nengine where some routines used temporary variables\nthat were not properly protected (rooted). Specially crafted objects\ncould contain a user-defined method that would be called during\nthe lifetime of these temporaries. If this method triggered\ngarbage collection the engine would operate on the unexpectedly freed\ntemporary object when it returned from the user-defined routine.The risk appears remote, but this type of memory corruption could\npotentially be used by an attacker to run arbitrary code.CVE-2006-0293 was introduced during Firefox 1.5 development and does not\naffect Firefox 1.0. CVE-2006-0292 affects all versions of Firefox.Thunderbird shares the JavaScript engine with Firefox\nand could be vulnerable if JavaScript is enabled in mail. This is not\nthe default setting; we strongly discourage users from running\nJavaScript in mail.Update (13 April 2006)\nThis flaw has been fixed in Thunderbird 1.5.0.2Updated versions of Firefox 1.0, Thunderbird 1.0, and the Mozilla Suite 1.7\nhave been released containing this fix.","aliases":[{"alias":"CVE-2006-0293"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1102?format=json","purl":"pkg:mozilla/Firefox@1.0.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@1.0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/1106?format=json","purl":"pkg:mozilla/Mozilla%20Suite@1.7.13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Mozilla%2520Suite@1.7.13"},{"url":"http://public2.vulnerablecode.io/api/packages/1105?format=json","purl":"pkg:mozilla/SeaMonkey@1.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/1104?format=json","purl":"pkg:mozilla/Thunderbird@1.0.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@1.0.8"}],"affected_packages":[],"references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0293","reference_id":"CVE-2006-0293","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0293"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2006-01","reference_id":"mfsa2006-01","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2006-01"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2sdu-6918-myba"}