Action not permitted
Modal body text goes here.
rhsa-2006_0594
Vulnerability from csaf_redhat
Published
2006-08-28 11:30
Modified
2024-11-22 00:27
Summary
Red Hat Security Advisory: seamonkey security update (was mozilla)
Notes
Topic
Updated seamonkey packages that fix several security bugs in the mozilla
packages are now available for Red Hat Enterprise Linux 2.1.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
SeaMonkey is an open source Web browser, advanced email and newsgroup
client, IRC chat client, and HTML editor.
The Mozilla Foundation has discontinued support for the Mozilla Suite. This
update deprecates the Mozilla Suite in Red Hat Enterprise Linux 2.1 in
favor of the supported SeaMonkey Suite.
This update also resolves a number of outstanding Mozilla security issues:
Several flaws were found in the way SeaMonkey processed certain javascript
actions. A malicious web page could execute arbitrary javascript
instructions with the permissions of "chrome", allowing the page to steal
sensitive information or install browser malware. (CVE-2006-2776,
CVE-2006-2784, CVE-2006-2785, CVE-2006-2787, CVE-2006-3807, CVE-2006-3809,
CVE-2006-3812)
Several denial of service flaws were found in the way SeaMonkey processed
certain web content. A malicious web page could crash the browser or
possibly execute arbitrary code as the user running SeaMonkey.
(CVE-2006-2779, CVE-2006-2780, CVE-2006-3801, CVE-2006-3677, CVE-2006-3113,
CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3811)
Two flaws were found in the way SeaMonkey Messenger displayed malformed
inline vcard attachments. If a victim viewed an email message containing
a carefully crafted vcard it was possible to execute arbitrary code as the
user running SeaMonkey Messenger. (CVE-2006-2781, CVE-2006-3804)
A cross-site scripting flaw was found in the way SeaMonkey processed
Unicode Byte-Order-Mark (BOM) markers in UTF-8 web pages. A malicious web
page could execute a script within the browser that a web input sanitizer
could miss due to a malformed "script" tag. (CVE-2006-2783)
Several flaws were found in the way SeaMonkey processed certain javascript
actions. A malicious web page could conduct a cross-site scripting attack
or steal sensitive information (such as cookies owned by other domains).
(CVE-2006-3802, CVE-2006-3810)
A form file upload flaw was found in the way SeaMonkey handled javascript
input object mutation. A malicious web page could upload an arbitrary local
file at form submission time without user interaction. (CVE-2006-2782)
A denial of service flaw was found in the way SeaMonkey called the
crypto.signText() javascript function. A malicious web page could crash the
browser if the victim had a client certificate loaded. (CVE-2006-2778)
Two HTTP response smuggling flaws were found in the way SeaMonkey processed
certain invalid HTTP response headers. A malicious web site could return
specially crafted HTTP response headers which may bypass HTTP proxy
restrictions. (CVE-2006-2786)
A flaw was found in the way SeaMonkey processed Proxy AutoConfig scripts. A
malicious Proxy AutoConfig server could execute arbitrary javascript
instructions with the permissions of "chrome", allowing the page to steal
sensitive information or install browser malware. (CVE-2006-3808)
A double free flaw was found in the way the nsIX509::getRawDER method was
called. If a victim visited a carefully crafted web page it was possible to
execute arbitrary code as the user running SeaMonkey. (CVE-2006-2788)
Users of Mozilla are advised to upgrade to this update, which contains
SeaMonkey version 1.0.3 that corrects these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated seamonkey packages that fix several security bugs in the mozilla\npackages are now available for Red Hat Enterprise Linux 2.1.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "SeaMonkey is an open source Web browser, advanced email and newsgroup\nclient, IRC chat client, and HTML editor.\n\nThe Mozilla Foundation has discontinued support for the Mozilla Suite. This\nupdate deprecates the Mozilla Suite in Red Hat Enterprise Linux 2.1 in\nfavor of the supported SeaMonkey Suite.\n\nThis update also resolves a number of outstanding Mozilla security issues:\n\nSeveral flaws were found in the way SeaMonkey processed certain javascript\nactions. A malicious web page could execute arbitrary javascript\ninstructions with the permissions of \"chrome\", allowing the page to steal\nsensitive information or install browser malware. (CVE-2006-2776,\nCVE-2006-2784, CVE-2006-2785, CVE-2006-2787, CVE-2006-3807, CVE-2006-3809,\nCVE-2006-3812)\n\nSeveral denial of service flaws were found in the way SeaMonkey processed\ncertain web content. A malicious web page could crash the browser or\npossibly execute arbitrary code as the user running SeaMonkey.\n(CVE-2006-2779, CVE-2006-2780, CVE-2006-3801, CVE-2006-3677, CVE-2006-3113,\nCVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3811)\n\nTwo flaws were found in the way SeaMonkey Messenger displayed malformed\ninline vcard attachments. If a victim viewed an email message containing\na carefully crafted vcard it was possible to execute arbitrary code as the\nuser running SeaMonkey Messenger. (CVE-2006-2781, CVE-2006-3804)\n\nA cross-site scripting flaw was found in the way SeaMonkey processed\nUnicode Byte-Order-Mark (BOM) markers in UTF-8 web pages. A malicious web\npage could execute a script within the browser that a web input sanitizer\ncould miss due to a malformed \"script\" tag. (CVE-2006-2783)\n\nSeveral flaws were found in the way SeaMonkey processed certain javascript\nactions. A malicious web page could conduct a cross-site scripting attack\nor steal sensitive information (such as cookies owned by other domains).\n(CVE-2006-3802, CVE-2006-3810)\n\nA form file upload flaw was found in the way SeaMonkey handled javascript\ninput object mutation. A malicious web page could upload an arbitrary local\nfile at form submission time without user interaction. (CVE-2006-2782)\n\nA denial of service flaw was found in the way SeaMonkey called the\ncrypto.signText() javascript function. A malicious web page could crash the\nbrowser if the victim had a client certificate loaded. (CVE-2006-2778)\n\nTwo HTTP response smuggling flaws were found in the way SeaMonkey processed\ncertain invalid HTTP response headers. A malicious web site could return\nspecially crafted HTTP response headers which may bypass HTTP proxy\nrestrictions. (CVE-2006-2786)\n\nA flaw was found in the way SeaMonkey processed Proxy AutoConfig scripts. A\nmalicious Proxy AutoConfig server could execute arbitrary javascript\ninstructions with the permissions of \"chrome\", allowing the page to steal\nsensitive information or install browser malware. (CVE-2006-3808)\n\nA double free flaw was found in the way the nsIX509::getRawDER method was\ncalled. If a victim visited a carefully crafted web page it was possible to\nexecute arbitrary code as the user running SeaMonkey. (CVE-2006-2788)\n\nUsers of Mozilla are advised to upgrade to this update, which contains\nSeaMonkey version 1.0.3 that corrects these issues.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2006:0594", "url": "https://access.redhat.com/errata/RHSA-2006:0594" }, { "category": "external", "summary": "http://www.redhat.com/security/updates/classification/#critical", "url": "http://www.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "198686", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=198686" }, { "category": "external", "summary": "198687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=198687" }, { "category": "external", "summary": "200167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=200167" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0594.json" } ], "title": "Red Hat Security Advisory: seamonkey security update (was mozilla)", "tracking": { "current_release_date": "2024-11-22T00:27:05+00:00", "generator": { "date": "2024-11-22T00:27:05+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2006:0594", "initial_release_date": "2006-08-28T11:30:00+00:00", "revision_history": [ { "date": "2006-08-28T11:30:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2006-09-15T09:27:00+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T00:27:05+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product": { "name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:2.1::as" } } }, { "category": "product_name", "name": "Red Hat Linux Advanced Workstation 2.1", "product": { "name": "Red Hat Linux Advanced Workstation 2.1", "product_id": "Red Hat Linux Advanced Workstation 2.1", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:2.1::aw" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ES version 2.1", "product": { "name": "Red Hat Enterprise Linux ES version 2.1", "product_id": "Red Hat Enterprise Linux ES version 2.1", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:2.1::es" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux WS version 2.1", "product": { "name": "Red Hat Enterprise Linux WS version 2.1", "product_id": "Red Hat Enterprise Linux WS version 2.1", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:2.1::ws" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2006-2776", "discovery_date": "2006-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618112" } ], "notes": [ { "category": "description", "text": "Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined setters on an object prototype, which allows remote attackers to execute code at a higher privilege than intended.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-2776" }, { "category": "external", "summary": "RHBZ#1618112", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618112" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-2776", "url": "https://www.cve.org/CVERecord?id=CVE-2006-2776" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-2776", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-2776" } ], "release_date": "2006-06-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-2778", "discovery_date": "2006-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618113" } ], "notes": [ { "category": "description", "text": "The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-2778" }, { "category": "external", "summary": "RHBZ#1618113", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618113" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-2778", "url": "https://www.cve.org/CVERecord?id=CVE-2006-2778" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-2778", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-2778" } ], "release_date": "2006-06-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-2779", "discovery_date": "2006-06-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618114" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested \u003coption\u003e tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) \"Content-implemented tree views,\" (4) BoxObjects, (5) the XBL implementation, (6) an iframe that attempts to remove itself, which leads to memory corruption.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-2779" }, { "category": "external", "summary": "RHBZ#1618114", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618114" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-2779", "url": "https://www.cve.org/CVERecord?id=CVE-2006-2779" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-2779", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-2779" } ], "release_date": "2006-06-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-2780", "discovery_date": "2006-06-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618115" } ], "notes": [ { "category": "description", "text": "Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via \"jsstr tagify,\" which leads to memory corruption.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-2780" }, { "category": "external", "summary": "RHBZ#1618115", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618115" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-2780", "url": "https://www.cve.org/CVERecord?id=CVE-2006-2780" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-2780", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-2780" } ], "release_date": "2006-06-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-2781", "discovery_date": "2006-06-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "193963" } ], "notes": [ { "category": "description", "text": "Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters.", "title": "Vulnerability description" }, { "category": "summary", "text": "(seamonkey): DOS/arbitrary code execution vuln with vcards", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-2781" }, { "category": "external", "summary": "RHBZ#193963", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=193963" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-2781", "url": "https://www.cve.org/CVERecord?id=CVE-2006-2781" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-2781", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-2781" } ], "release_date": "2006-06-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "(seamonkey): DOS/arbitrary code execution vuln with vcards" }, { "cve": "CVE-2006-2782", "discovery_date": "2006-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618116" } ], "notes": [ { "category": "description", "text": "Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-2782" }, { "category": "external", "summary": "RHBZ#1618116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618116" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-2782", "url": "https://www.cve.org/CVERecord?id=CVE-2006-2782" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-2782", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-2782" } ], "release_date": "2006-06-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-2783", "discovery_date": "2006-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618117" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark (BOM) from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a BOM sequence in the middle of a dangerous tag such as SCRIPT.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-2783" }, { "category": "external", "summary": "RHBZ#1618117", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618117" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-2783", "url": "https://www.cve.org/CVERecord?id=CVE-2006-2783" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-2783", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-2783" } ], "release_date": "2006-06-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-2784", "discovery_date": "2006-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618118" } ], "notes": [ { "category": "description", "text": "The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the \"Manual Install\" button, then using nested javascript: URLs. NOTE: the manual install button is used for downloading software from a remote web site, so this issue would not cross privilege boundaries if the user progresses to the point of installing malicious software from the attacker-controlled site.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-2784" }, { "category": "external", "summary": "RHBZ#1618118", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618118" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-2784", "url": "https://www.cve.org/CVERecord?id=CVE-2006-2784" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-2784", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-2784" } ], "release_date": "2006-06-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-2785", "discovery_date": "2006-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618119" } ], "notes": [ { "category": "description", "text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a \"View Image\" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting \"Show only this frame\" on a frame whose SRC attribute contains a Javascript URL.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-2785" }, { "category": "external", "summary": "RHBZ#1618119", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618119" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-2785", "url": "https://www.cve.org/CVERecord?id=CVE-2006-2785" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-2785", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-2785" } ], "release_date": "2006-06-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-2786", "discovery_date": "2006-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618120" } ], "notes": [ { "category": "description", "text": "HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces between the header name and the colon, which might not be ignored in some cases, or (2) HTTP 1.1 headers through an HTTP 1.0 proxy, which are ignored by the proxy but processed by the client.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-2786" }, { "category": "external", "summary": "RHBZ#1618120", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618120" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-2786", "url": "https://www.cve.org/CVERecord?id=CVE-2006-2786" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-2786", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-2786" } ], "release_date": "2006-06-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-2787", "discovery_date": "2006-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618121" } ], "notes": [ { "category": "description", "text": "EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-2787" }, { "category": "external", "summary": "RHBZ#1618121", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618121" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-2787", "url": "https://www.cve.org/CVERecord?id=CVE-2006-2787" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-2787", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-2787" } ], "release_date": "2006-06-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-2788", "discovery_date": "2006-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618122" } ], "notes": [ { "category": "description", "text": "Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via certain Javascript code.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-2788" }, { "category": "external", "summary": "RHBZ#1618122", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618122" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-2788", "url": "https://www.cve.org/CVERecord?id=CVE-2006-2788" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-2788", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-2788" } ], "release_date": "2006-06-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-3113", "discovery_date": "2006-07-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618135" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via simultaneous XPCOM events, which causes a timer object to be deleted in a way that triggers memory corruption.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-3113" }, { "category": "external", "summary": "RHBZ#1618135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-3113", "url": "https://www.cve.org/CVERecord?id=CVE-2006-3113" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-3113", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3113" } ], "release_date": "2006-07-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-3677", "discovery_date": "2006-07-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618153" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-3677" }, { "category": "external", "summary": "RHBZ#1618153", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618153" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-3677", "url": "https://www.cve.org/CVERecord?id=CVE-2006-3677" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-3677", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3677" } ], "release_date": "2006-07-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-3801", "discovery_date": "2006-07-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618161" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 does not properly clear a JavaScript reference to a frame or window, which leaves a pointer to a deleted object that allows remote attackers to execute arbitrary native code.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-3801" }, { "category": "external", "summary": "RHBZ#1618161", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618161" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-3801", "url": "https://www.cve.org/CVERecord?id=CVE-2006-3801" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-3801", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3801" } ], "release_date": "2006-07-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-3802", "discovery_date": "2006-07-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618162" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to hijack native DOM methods from objects in another domain and conduct cross-site scripting (XSS) attacks using DOM methods of the top-level object.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-3802" }, { "category": "external", "summary": "RHBZ#1618162", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618162" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-3802", "url": "https://www.cve.org/CVERecord?id=CVE-2006-3802" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-3802", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3802" } ], "release_date": "2006-07-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "security flaw" }, { "cve": "CVE-2006-3803", "discovery_date": "2006-07-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618163" } ], "notes": [ { "category": "description", "text": "Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-3803" }, { "category": "external", "summary": "RHBZ#1618163", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618163" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-3803", "url": "https://www.cve.org/CVERecord?id=CVE-2006-3803" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-3803", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3803" } ], "release_date": "2006-07-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-3804", "discovery_date": "2006-07-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618164" } ], "notes": [ { "category": "description", "text": "Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-3804" }, { "category": "external", "summary": "RHBZ#1618164", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618164" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-3804", "url": "https://www.cve.org/CVERecord?id=CVE-2006-3804" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-3804", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3804" } ], "release_date": "2006-07-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-3805", "discovery_date": "2006-07-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618165" } ], "notes": [ { "category": "description", "text": "The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-3805" }, { "category": "external", "summary": "RHBZ#1618165", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618165" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-3805", "url": "https://www.cve.org/CVERecord?id=CVE-2006-3805" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-3805", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3805" } ], "release_date": "2006-07-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-3806", "discovery_date": "2006-07-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618166" } ], "notes": [ { "category": "description", "text": "Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified \"string function arguments.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-3806" }, { "category": "external", "summary": "RHBZ#1618166", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618166" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-3806", "url": "https://www.cve.org/CVERecord?id=CVE-2006-3806" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-3806", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3806" } ], "release_date": "2006-07-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-3807", "discovery_date": "2006-07-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618167" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling \"named JavaScript functions\" that use the constructor.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-3807" }, { "category": "external", "summary": "RHBZ#1618167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618167" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-3807", "url": "https://www.cve.org/CVERecord?id=CVE-2006-3807" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-3807", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3807" } ], "release_date": "2006-07-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-3808", "discovery_date": "2006-07-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618168" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig (PAC) servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-3808" }, { "category": "external", "summary": "RHBZ#1618168", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618168" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-3808", "url": "https://www.cve.org/CVERecord?id=CVE-2006-3808" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-3808", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3808" } ], "release_date": "2006-07-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "security flaw" }, { "cve": "CVE-2006-3809", "discovery_date": "2006-07-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618169" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a privileged context.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-3809" }, { "category": "external", "summary": "RHBZ#1618169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618169" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-3809", "url": "https://www.cve.org/CVERecord?id=CVE-2006-3809" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-3809", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3809" } ], "release_date": "2006-07-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-3810", "discovery_date": "2006-07-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618170" } ], "notes": [ { "category": "description", "text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapper(window).Function construct.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-3810" }, { "category": "external", "summary": "RHBZ#1618170", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618170" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-3810", "url": "https://www.cve.org/CVERecord?id=CVE-2006-3810" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-3810", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3810" } ], "release_date": "2006-07-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "security flaw" }, { "cve": "CVE-2006-3811", "discovery_date": "2006-07-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618171" } ], "notes": [ { "category": "description", "text": "Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) \"anonymous box selectors outside of UA stylesheets,\" (5) stale references to \"removed nodes,\" and (6) running the crypto.generateCRMFRequest callback on deleted context.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-3811" }, { "category": "external", "summary": "RHBZ#1618171", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618171" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-3811", "url": "https://www.cve.org/CVERecord?id=CVE-2006-3811" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-3811", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3811" } ], "release_date": "2006-07-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-3812", "discovery_date": "2006-07-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "200455" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to reference remote files and possibly load chrome: URLs by tricking the user into copying or dragging links.", "title": "Vulnerability description" }, { "category": "summary", "text": "vulnerabilities: CVE-2006-{3113,3677,3801-3812}", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-3812" }, { "category": "external", "summary": "RHBZ#200455", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=200455" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-3812", "url": "https://www.cve.org/CVERecord?id=CVE-2006-3812" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-3812", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3812" } ], "release_date": "2006-07-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-08-28T11:30:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0594" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "vulnerabilities: CVE-2006-{3113,3677,3801-3812}" } ] }
cve-2006-3810
Vulnerability from cvelistv5
Published
2006-07-27 20:00
Modified
2024-08-07 18:48
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapper(window).Function construct.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:48:37.995Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "DSA-1160", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1160" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "oval:org.mitre.oval:def:10113", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10113" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "VU#911004", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/911004" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22055" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-54.html" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "21654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21654" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22210" }, { "name": "21634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21634" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21229" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" }, { "name": "mozilla-xpcnativewrapper-xss(27991)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27991" }, { "name": "DSA-1159", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1159" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-07-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapper(window).Function construct." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-17T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "DSA-1160", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1160" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "oval:org.mitre.oval:def:10113", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10113" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "VU#911004", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/911004" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22055" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-54.html" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "21654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21654" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22210" }, { "name": "21634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21634" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21229" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" }, { "name": "mozilla-xpcnativewrapper-xss(27991)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27991" }, { "name": "DSA-1159", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1159" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-3810", "datePublished": "2006-07-27T20:00:00", "dateReserved": "2006-07-24T00:00:00", "dateUpdated": "2024-08-07T18:48:37.995Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-3807
Vulnerability from cvelistv5
Published
2006-07-27 19:00
Modified
2024-08-07 18:48
Severity ?
EPSS score ?
Summary
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:48:38.665Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-1161", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1161" }, { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "DSA-1160", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1160" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "TA06-208A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22055" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "USN-361-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-361-1" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "mozilla-js-constructor-code-execution(27988)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27988" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "ADV-2007-0058", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/0058" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "21654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21654" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22210" }, { "name": "21634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21634" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21361" }, { "name": "VU#687396", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/687396" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21229" }, { "name": "21675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21675" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "22342", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22342" }, { "name": "102763", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21343" }, { "name": "oval:org.mitre.oval:def:10374", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10374" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-51.html" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" }, { "name": "DSA-1159", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1159" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-07-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling \"named JavaScript functions\" that use the constructor." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-17T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "DSA-1161", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1161" }, { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "DSA-1160", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1160" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "TA06-208A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22055" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "USN-361-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-361-1" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "mozilla-js-constructor-code-execution(27988)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27988" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "ADV-2007-0058", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/0058" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "21654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21654" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22210" }, { "name": "21634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21634" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21361" }, { "name": "VU#687396", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/687396" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21229" }, { "name": "21675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21675" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "22342", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22342" }, { "name": "102763", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21343" }, { "name": "oval:org.mitre.oval:def:10374", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10374" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-51.html" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" }, { "name": "DSA-1159", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1159" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-3807", "datePublished": "2006-07-27T19:00:00", "dateReserved": "2006-07-24T00:00:00", "dateUpdated": "2024-08-07T18:48:38.665Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-3809
Vulnerability from cvelistv5
Published
2006-07-27 20:00
Modified
2024-08-07 18:48
Severity ?
EPSS score ?
Summary
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a privileged context.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:48:38.179Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-1161", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1161" }, { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "DSA-1160", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1160" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22055" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "USN-361-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-361-1" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "oval:org.mitre.oval:def:9753", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9753" }, { "name": "21654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21654" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22210" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-53.html" }, { "name": "21634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21634" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21229" }, { "name": "21675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21675" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "22342", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22342" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "mozilla-universalbrowserread-escalation(27990)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27990" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" }, { "name": "DSA-1159", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1159" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-07-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a privileged context." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-17T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "DSA-1161", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1161" }, { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "DSA-1160", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1160" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22055" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "USN-361-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-361-1" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "oval:org.mitre.oval:def:9753", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9753" }, { "name": "21654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21654" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22210" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-53.html" }, { "name": "21634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21634" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21229" }, { "name": "21675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21675" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "22342", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22342" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "mozilla-universalbrowserread-escalation(27990)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27990" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" }, { "name": "DSA-1159", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1159" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-3809", "datePublished": "2006-07-27T20:00:00", "dateReserved": "2006-07-24T00:00:00", "dateUpdated": "2024-08-07T18:48:38.179Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-2786
Vulnerability from cvelistv5
Published
2006-06-02 20:00
Modified
2024-08-07 18:06
Severity ?
EPSS score ?
Summary
HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces between the header name and the colon, which might not be ignored in some cases, or (2) HTTP 1.1 headers through an HTTP 1.0 proxy, which are ignored by the proxy but processed by the client.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:06:26.045Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20709" }, { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "mozilla-http-response-smuggling(26844)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26844" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20561" }, { "name": "oval:org.mitre.oval:def:9966", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9966" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20376" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016202" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21183" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-33.html" }, { "name": "USN-297-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-06-01T00:00:00", "descriptions": [ { "lang": "en", "value": "HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces between the header name and the colon, which might not be ignored in some cases, or (2) HTTP 1.1 headers through an HTTP 1.0 proxy, which are ignored by the proxy but processed by the client." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20709" }, { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "mozilla-http-response-smuggling(26844)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26844" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20561" }, { "name": "oval:org.mitre.oval:def:9966", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9966" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20376" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016202" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21183" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-33.html" }, { "name": "USN-297-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-2786", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces between the header name and the colon, which might not be ignored in some cases, or (2) HTTP 1.1 headers through an HTTP 1.0 proxy, which are ignored by the proxy but processed by the client." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20709", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20709" }, { "name": "21176", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-296-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-1/" }, { "name": "mozilla-http-response-smuggling(26844)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26844" }, { "name": "USN-323-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20561" }, { "name": "oval:org.mitre.oval:def:9966", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9966" }, { "name": "RHSA-2006:0594", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20376" }, { "name": "RHSA-2006:0609", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016202" }, { "name": "18228", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "21188", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "USN-296-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "HPSBUX02156", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21183" }, { "name": "22066", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-33.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-33.html" }, { "name": "USN-297-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22065" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-2786", "datePublished": "2006-06-02T20:00:00", "dateReserved": "2006-06-02T00:00:00", "dateUpdated": "2024-08-07T18:06:26.045Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-2785
Vulnerability from cvelistv5
Published
2006-06-02 19:00
Modified
2024-08-07 18:06
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a "View Image" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting "Show only this frame" on a frame whose SRC attribute contains a Javascript URL.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:06:26.042Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20561" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20376" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "mozilla-viewimage-xss(26845)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26845" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016202" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-34.html" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "oval:org.mitre.oval:def:10545", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10545" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21183" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-06-01T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a \"View Image\" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting \"Show only this frame\" on a frame whose SRC attribute contains a Javascript URL." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20561" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20376" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "mozilla-viewimage-xss(26845)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26845" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016202" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-34.html" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "oval:org.mitre.oval:def:10545", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10545" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21183" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-2785", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a \"View Image\" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting \"Show only this frame\" on a frame whose SRC attribute contains a Javascript URL." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "21176", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-296-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20561" }, { "name": "RHSA-2006:0594", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21336" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "RHSA-2006:0610", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20376" }, { "name": "RHSA-2006:0609", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "mozilla-viewimage-xss(26845)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26845" }, { "name": "21178", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016202" }, { "name": "18228", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-34.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-34.html" }, { "name": "21188", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "oval:org.mitre.oval:def:10545", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10545" }, { "name": "USN-296-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-2/" }, { "name": "DSA-1118", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "DSA-1134", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21183" }, { "name": "22066", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "RHSA-2006:0578", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-2785", "datePublished": "2006-06-02T19:00:00", "dateReserved": "2006-06-02T00:00:00", "dateUpdated": "2024-08-07T18:06:26.042Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-2784
Vulnerability from cvelistv5
Published
2006-06-02 19:00
Modified
2024-08-07 18:06
Severity ?
EPSS score ?
Summary
The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascript: URLs. NOTE: the manual install button is used for downloading software from a remote web site, so this issue would not cross privilege boundaries if the user progresses to the point of installing malicious software from the attacker-controlled site.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:06:25.795Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/297-3/" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "oval:org.mitre.oval:def:9768", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9768" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20561" }, { "name": "21210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21210" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20376" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016202" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-36.html" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "mozilla-pluginspage-code-execution(26847)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26847" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21183" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-06-01T00:00:00", "descriptions": [ { "lang": "en", "value": "The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the \"Manual Install\" button, then using nested javascript: URLs. NOTE: the manual install button is used for downloading software from a remote web site, so this issue would not cross privilege boundaries if the user progresses to the point of installing malicious software from the attacker-controlled site." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/297-3/" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "oval:org.mitre.oval:def:9768", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9768" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20561" }, { "name": "21210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21210" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20376" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016202" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-36.html" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "mozilla-pluginspage-code-execution(26847)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26847" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21183" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-2784", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the \"Manual Install\" button, then using nested javascript: URLs. NOTE: the manual install button is used for downloading software from a remote web site, so this issue would not cross privilege boundaries if the user progresses to the point of installing malicious software from the attacker-controlled site." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "21176", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/297-3/" }, { "name": "USN-296-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-1/" }, { "name": "oval:org.mitre.oval:def:9768", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9768" }, { "name": "USN-323-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20561" }, { "name": "21210", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21210" }, { "name": "RHSA-2006:0594", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21336" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "RHSA-2006:0610", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20376" }, { "name": "RHSA-2006:0609", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016202" }, { "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-36.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-36.html" }, { "name": "18228", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "21188", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "mozilla-pluginspage-code-execution(26847)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26847" }, { "name": "USN-296-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-2/" }, { "name": "DSA-1118", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "DSA-1134", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21183" }, { "name": "22066", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "RHSA-2006:0578", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-2784", "datePublished": "2006-06-02T19:00:00", "dateReserved": "2006-06-02T00:00:00", "dateUpdated": "2024-08-07T18:06:25.795Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-2780
Vulnerability from cvelistv5
Published
2006-06-02 19:00
Modified
2024-08-07 17:58
Severity ?
EPSS score ?
Summary
Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "jsstr tagify," which leads to memory corruption.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T17:58:52.315Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "27216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27216" }, { "name": "20709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20709" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-32.html" }, { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "VU#466673", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/466673" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/297-3/" }, { "name": "mozilla-browserengine-memory-corruption(26843)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26843" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20561" }, { "name": "oval:org.mitre.oval:def:11305", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11305" }, { "name": "TA06-153A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-153A.html" }, { "name": "21210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21210" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20376" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016202" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21607" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "ADV-2007-3488", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3488" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "200387", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200387-1" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21183" }, { "name": "102943", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102943-1" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "USN-297-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-06-01T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via \"jsstr tagify,\" which leads to memory corruption." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "27216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27216" }, { "name": "20709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20709" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-32.html" }, { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "VU#466673", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/466673" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/297-3/" }, { "name": "mozilla-browserengine-memory-corruption(26843)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26843" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20561" }, { "name": "oval:org.mitre.oval:def:11305", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11305" }, { "name": "TA06-153A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-153A.html" }, { "name": "21210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21210" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20376" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016202" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21607" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "ADV-2007-3488", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3488" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "200387", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200387-1" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21183" }, { "name": "102943", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102943-1" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "USN-297-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-2780", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via \"jsstr tagify,\" which leads to memory corruption." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "27216", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27216" }, { "name": "20709", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20709" }, { "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-32.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-32.html" }, { "name": "21176", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "VU#466673", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/466673" }, { "name": "ADV-2006-3748", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/297-3/" }, { "name": "mozilla-browserengine-memory-corruption(26843)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26843" }, { "name": "USN-296-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20561" }, { "name": "oval:org.mitre.oval:def:11305", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11305" }, { "name": "TA06-153A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA06-153A.html" }, { "name": "21210", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21210" }, { "name": "RHSA-2006:0594", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20376" }, { "name": "MDKSA-2006:146", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016202" }, { "name": "21607", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21607" }, { "name": "18228", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "ADV-2007-3488", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3488" }, { "name": "21188", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "USN-296-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "200387", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200387-1" }, { "name": "DSA-1120", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "HPSBUX02156", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21183" }, { "name": "102943", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102943-1" }, { "name": "22066", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "USN-297-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22065" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-2780", "datePublished": "2006-06-02T19:00:00", "dateReserved": "2006-06-02T00:00:00", "dateUpdated": "2024-08-07T17:58:52.315Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-2788
Vulnerability from cvelistv5
Published
2006-06-02 21:00
Modified
2024-08-07 18:06
Severity ?
EPSS score ?
Summary
Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via certain Javascript code.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:06:25.938Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-361-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-361-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=321598" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "22247", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22247" }, { "name": "DSA-1191", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.us.debian.org/security/2006/dsa-1191" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "DSA-1210", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1210" }, { "name": "22849", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22849" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "oval:org.mitre.oval:def:11065", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11065" }, { "name": "DSA-1192", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1192" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "22342", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22342" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22299", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22299" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-06-01T00:00:00", "descriptions": [ { "lang": "en", "value": "Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via certain Javascript code." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-03T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-361-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-361-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=321598" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "22247", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22247" }, { "name": "DSA-1191", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.us.debian.org/security/2006/dsa-1191" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "DSA-1210", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1210" }, { "name": "22849", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22849" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "oval:org.mitre.oval:def:11065", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11065" }, { "name": "DSA-1192", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1192" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "22342", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22342" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22299", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22299" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-2788", "datePublished": "2006-06-02T21:00:00", "dateReserved": "2006-06-02T00:00:00", "dateUpdated": "2024-08-07T18:06:25.938Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-3804
Vulnerability from cvelistv5
Published
2006-07-27 19:00
Modified
2024-08-07 18:48
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:48:39.050Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "TA06-208A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22055" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "mozilla-vcard-base64-bo(27985)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27985" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-49.html" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21529" }, { "name": "ADV-2007-0058", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/0058" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "oval:org.mitre.oval:def:11395", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11395" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21607" }, { "name": "VU#897540", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/897540" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21229" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "102763", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-07-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-17T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "TA06-208A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22055" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "mozilla-vcard-base64-bo(27985)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27985" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-49.html" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21529" }, { "name": "ADV-2007-0058", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/0058" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "oval:org.mitre.oval:def:11395", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11395" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21607" }, { "name": "VU#897540", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/897540" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21229" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "102763", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-3804", "datePublished": "2006-07-27T19:00:00", "dateReserved": "2006-07-24T00:00:00", "dateUpdated": "2024-08-07T18:48:39.050Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-2779
Vulnerability from cvelistv5
Published
2006-06-02 19:00
Modified
2024-08-07 17:58
Severity ?
EPSS score ?
Summary
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented tree views," (4) BoxObjects, (5) the XBL implementation, (6) an iframe that attempts to remove itself, which leads to memory corruption.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T17:58:52.270Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "27216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27216" }, { "name": "20709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20709" }, { "name": "DSA-1160", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1160" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-32.html" }, { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "VU#466673", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/466673" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/297-3/" }, { "name": "mozilla-browserengine-memory-corruption(26843)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26843" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20561" }, { "name": "oval:org.mitre.oval:def:9762", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9762" }, { "name": "TA06-153A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-153A.html" }, { "name": "21210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21210" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "21654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21654" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20376" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21178" }, { "name": "21634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21634" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016202" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21607" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "ADV-2007-3488", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3488" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "200387", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200387-1" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21183" }, { "name": "102943", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102943-1" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "USN-297-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" }, { "name": "DSA-1159", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1159" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-06-01T00:00:00", "descriptions": [ { "lang": "en", "value": "Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested \u003coption\u003e tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) \"Content-implemented tree views,\" (4) BoxObjects, (5) the XBL implementation, (6) an iframe that attempts to remove itself, which leads to memory corruption." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "27216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27216" }, { "name": "20709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20709" }, { "name": "DSA-1160", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1160" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-32.html" }, { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "VU#466673", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/466673" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/297-3/" }, { "name": "mozilla-browserengine-memory-corruption(26843)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26843" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20561" }, { "name": "oval:org.mitre.oval:def:9762", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9762" }, { "name": "TA06-153A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-153A.html" }, { "name": "21210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21210" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "21654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21654" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20376" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21178" }, { "name": "21634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21634" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016202" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21607" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "ADV-2007-3488", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3488" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "200387", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200387-1" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21183" }, { "name": "102943", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102943-1" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "USN-297-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" }, { "name": "DSA-1159", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1159" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-2779", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested \u003coption\u003e tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) \"Content-implemented tree views,\" (4) BoxObjects, (5) the XBL implementation, (6) an iframe that attempts to remove itself, which leads to memory corruption." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "27216", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27216" }, { "name": "20709", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20709" }, { "name": "DSA-1160", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1160" }, { "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-32.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-32.html" }, { "name": "21176", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "VU#466673", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/466673" }, { "name": "ADV-2006-3748", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/297-3/" }, { "name": "mozilla-browserengine-memory-corruption(26843)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26843" }, { "name": "USN-296-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20561" }, { "name": "oval:org.mitre.oval:def:9762", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9762" }, { "name": "TA06-153A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA06-153A.html" }, { "name": "21210", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21210" }, { "name": "RHSA-2006:0594", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "21654", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21654" }, { "name": "20376", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20376" }, { "name": "MDKSA-2006:146", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21178" }, { "name": "21634", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21634" }, { "name": "1016202", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016202" }, { "name": "21607", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21607" }, { "name": "18228", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "ADV-2007-3488", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3488" }, { "name": "21188", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "USN-296-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "200387", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200387-1" }, { "name": "DSA-1120", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "HPSBUX02156", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21183" }, { "name": "102943", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102943-1" }, { "name": "22066", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "USN-297-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22065" }, { "name": "DSA-1159", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1159" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-2779", "datePublished": "2006-06-02T19:00:00", "dateReserved": "2006-06-02T00:00:00", "dateUpdated": "2024-08-07T17:58:52.270Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-3113
Vulnerability from cvelistv5
Published
2006-07-27 20:00
Modified
2024-08-07 18:16
Severity ?
EPSS score ?
Summary
Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via simultaneous XPCOM events, which causes a timer object to be deleted in a way that triggers memory corruption.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:16:05.849Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "VU#239124", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/239124" }, { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://secunia.com/secunia_research/2006-53/advisory/" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "TA06-208A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22055" }, { "name": "mozilla-xpcom-memory-corruption(27982)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27982" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21529" }, { "name": "19197", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/19197" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "20060727 Secunia Research: Mozilla Firefox XPCOM Event Handling MemoryCorruption", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/441330/100/0/threaded" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22210" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-46.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21229" }, { "name": "oval:org.mitre.oval:def:10261", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10261" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-07-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via simultaneous XPCOM events, which causes a timer object to be deleted in a way that triggers memory corruption." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-18T14:57:01", "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "shortName": "flexera" }, "references": [ { "name": "VU#239124", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/239124" }, { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "tags": [ "x_refsource_MISC" ], "url": "http://secunia.com/secunia_research/2006-53/advisory/" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "TA06-208A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22055" }, { "name": "mozilla-xpcom-memory-corruption(27982)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27982" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21529" }, { "name": "19197", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/19197" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "20060727 Secunia Research: Mozilla Firefox XPCOM Event Handling MemoryCorruption", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/441330/100/0/threaded" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22210" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-46.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21229" }, { "name": "oval:org.mitre.oval:def:10261", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10261" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", "ID": "CVE-2006-3113", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via simultaneous XPCOM events, which causes a timer object to be deleted in a way that triggers memory corruption." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "VU#239124", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/239124" }, { "name": "21243", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "GLSA-200608-02", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "http://secunia.com/secunia_research/2006-53/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2006-53/advisory/" }, { "name": "ADV-2006-3748", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "19181", "refsource": "BID", "url": "http://www.securityfocus.com/bid/19181" }, { "name": "TA06-208A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "22055", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22055" }, { "name": "mozilla-xpcom-memory-corruption(27982)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27982" }, { "name": "ADV-2006-2998", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21529" }, { "name": "19197", "refsource": "BID", "url": "http://www.securityfocus.com/bid/19197" }, { "name": "21216", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "20060727 Secunia Research: Mozilla Firefox XPCOM Event Handling MemoryCorruption", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/441330/100/0/threaded" }, { "name": "RHSA-2006:0610", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "1016588", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22210" }, { "name": "21607", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-46.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-46.html" }, { "name": "21229", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21229" }, { "name": "oval:org.mitre.oval:def:10261", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10261" }, { "name": "1016587", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21358", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21358" }, { "name": "https://issues.rpath.com/browse/RPL-536", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-536" }, { "name": "https://issues.rpath.com/browse/RPL-537", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21269" }, { "name": "GLSA-200608-04", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "assignerShortName": "flexera", "cveId": "CVE-2006-3113", "datePublished": "2006-07-27T20:00:00", "dateReserved": "2006-06-21T00:00:00", "dateUpdated": "2024-08-07T18:16:05.849Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-2778
Vulnerability from cvelistv5
Published
2006-06-02 18:00
Modified
2024-08-07 17:58
Severity ?
EPSS score ?
Summary
The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T17:58:52.366Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20709" }, { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/297-3/" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20561" }, { "name": "TA06-153A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-153A.html" }, { "name": "21210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21210" }, { "name": "ADV-2007-0058", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/0058" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20376" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016202" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21607" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-38.html" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "mozilla-crypto-signtext-bo(26849)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26849" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21183" }, { "name": "102763", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "USN-297-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" }, { "name": "oval:org.mitre.oval:def:9703", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9703" }, { "name": "VU#421529", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/421529" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-06-01T00:00:00", "descriptions": [ { "lang": "en", "value": "The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20709" }, { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/297-3/" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20561" }, { "name": "TA06-153A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-153A.html" }, { "name": "21210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21210" }, { "name": "ADV-2007-0058", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/0058" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20376" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016202" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21607" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-38.html" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "mozilla-crypto-signtext-bo(26849)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26849" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21183" }, { "name": "102763", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "USN-297-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" }, { "name": "oval:org.mitre.oval:def:9703", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9703" }, { "name": "VU#421529", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/421529" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-2778", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20709", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20709" }, { "name": "21176", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/297-3/" }, { "name": "USN-296-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20561" }, { "name": "TA06-153A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA06-153A.html" }, { "name": "21210", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21210" }, { "name": "ADV-2007-0058", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0058" }, { "name": "RHSA-2006:0594", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20376" }, { "name": "MDKSA-2006:146", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016202" }, { "name": "21607", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21607" }, { "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-38.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-38.html" }, { "name": "18228", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "21188", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "USN-296-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "mozilla-crypto-signtext-bo(26849)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26849" }, { "name": "HPSBUX02156", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21183" }, { "name": "102763", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1" }, { "name": "22066", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "USN-297-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22065" }, { "name": "oval:org.mitre.oval:def:9703", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9703" }, { "name": "VU#421529", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/421529" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-2778", "datePublished": "2006-06-02T18:00:00", "dateReserved": "2006-06-02T00:00:00", "dateUpdated": "2024-08-07T17:58:52.366Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-2783
Vulnerability from cvelistv5
Published
2006-06-02 19:00
Modified
2024-08-07 18:06
Severity ?
EPSS score ?
Summary
Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark (BOM) from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a BOM sequence in the middle of a dangerous tag such as SCRIPT.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:06:25.809Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20709" }, { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/297-3/" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20561" }, { "name": "APPLE-SA-2009-06-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" }, { "name": "21210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21210" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "ADV-2009-1522", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1522" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20376" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016202" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21607" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "35379", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35379" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "mozilla-bom-utf8-xss(26852)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26852" }, { "name": "APPLE-SA-2008-07-11", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "oval:org.mitre.oval:def:10772", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10772" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21183" }, { "name": "ADV-2008-2094", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/2094/references" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3613" }, { "name": "USN-297-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-42.html" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" }, { "name": "31074", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31074" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-06-01T00:00:00", "descriptions": [ { "lang": "en", "value": "Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark (BOM) from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a BOM sequence in the middle of a dangerous tag such as SCRIPT." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20709" }, { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/297-3/" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20561" }, { "name": "APPLE-SA-2009-06-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" }, { "name": "21210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21210" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "ADV-2009-1522", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1522" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20376" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016202" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21607" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "35379", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35379" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "mozilla-bom-utf8-xss(26852)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26852" }, { "name": "APPLE-SA-2008-07-11", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "oval:org.mitre.oval:def:10772", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10772" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21183" }, { "name": "ADV-2008-2094", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/2094/references" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3613" }, { "name": "USN-297-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-42.html" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" }, { "name": "31074", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31074" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-2783", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark (BOM) from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a BOM sequence in the middle of a dangerous tag such as SCRIPT." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20709", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20709" }, { "name": "21176", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/297-3/" }, { "name": "USN-296-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20561" }, { "name": "APPLE-SA-2009-06-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" }, { "name": "21210", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21210" }, { "name": "RHSA-2006:0594", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "ADV-2009-1522", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1522" }, { "name": "RHSA-2006:0610", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20376" }, { "name": "MDKSA-2006:146", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016202" }, { "name": "21607", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21607" }, { "name": "18228", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "21188", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "35379", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35379" }, { "name": "USN-296-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "mozilla-bom-utf8-xss(26852)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26852" }, { "name": "APPLE-SA-2008-07-11", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html" }, { "name": "HPSBUX02156", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "oval:org.mitre.oval:def:10772", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10772" }, { "name": "21324", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21183" }, { "name": "ADV-2008-2094", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2094/references" }, { "name": "22066", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "http://support.apple.com/kb/HT3613", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3613" }, { "name": "USN-297-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-42.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-42.html" }, { "name": "22065", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22065" }, { "name": "31074", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31074" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-2783", "datePublished": "2006-06-02T19:00:00", "dateReserved": "2006-06-02T00:00:00", "dateUpdated": "2024-08-07T18:06:25.809Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-3802
Vulnerability from cvelistv5
Published
2006-07-27 20:00
Modified
2024-08-07 18:48
Severity ?
EPSS score ?
Summary
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to hijack native DOM methods from objects in another domain and conduct cross-site scripting (XSS) attacks using DOM methods of the top-level object.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:48:38.649Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22055" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22210" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "oval:org.mitre.oval:def:9611", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9611" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-47.html" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "mozilla-dom-method-xss(27983)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27983" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21229" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-07-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to hijack native DOM methods from objects in another domain and conduct cross-site scripting (XSS) attacks using DOM methods of the top-level object." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-17T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22055" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22210" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "oval:org.mitre.oval:def:9611", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9611" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-47.html" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "mozilla-dom-method-xss(27983)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27983" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21229" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-3802", "datePublished": "2006-07-27T20:00:00", "dateReserved": "2006-07-24T00:00:00", "dateUpdated": "2024-08-07T18:48:38.649Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-3801
Vulnerability from cvelistv5
Published
2006-07-27 20:00
Modified
2024-08-07 18:39
Severity ?
EPSS score ?
Summary
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 does not properly clear a JavaScript reference to a frame or window, which leaves a pointer to a deleted object that allows remote attackers to execute arbitrary native code.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:39:54.111Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "oval:org.mitre.oval:def:11501", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11501" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "TA06-208A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22210" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21246" }, { "name": "mozilla-deleted-frame-code-execution(27980)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27980" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21229" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21250" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "VU#476724", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/476724" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21343" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-44.html" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-07-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 does not properly clear a JavaScript reference to a frame or window, which leaves a pointer to a deleted object that allows remote attackers to execute arbitrary native code." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-17T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "oval:org.mitre.oval:def:11501", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11501" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "TA06-208A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22210" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21246" }, { "name": "mozilla-deleted-frame-code-execution(27980)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27980" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21229" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21250" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "VU#476724", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/476724" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21343" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-44.html" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-3801", "datePublished": "2006-07-27T20:00:00", "dateReserved": "2006-07-24T00:00:00", "dateUpdated": "2024-08-07T18:39:54.111Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-3805
Vulnerability from cvelistv5
Published
2006-07-27 20:00
Modified
2024-08-07 18:48
Severity ?
EPSS score ?
Summary
The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:48:37.967Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-1161", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1161" }, { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "DSA-1160", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1160" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "TA06-208A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22055" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "USN-361-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-361-1" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "21654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21654" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22210" }, { "name": "21634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21634" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19873" }, { "name": "VU#876420", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/876420" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-50.html" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21361" }, { "name": "oval:org.mitre.oval:def:10690", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10690" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21229" }, { "name": "21675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21675" }, { "name": "mozilla-garbage-collection-object-deletion(27986)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27986" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "22342", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22342" }, { "name": "102763", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" }, { "name": "DSA-1159", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1159" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-07-27T00:00:00", "descriptions": [ { "lang": "en", "value": "The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-17T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "DSA-1161", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1161" }, { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "DSA-1160", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1160" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "TA06-208A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22055" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "USN-361-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-361-1" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "21654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21654" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22210" }, { "name": "21634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21634" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19873" }, { "name": "VU#876420", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/876420" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-50.html" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21361" }, { "name": "oval:org.mitre.oval:def:10690", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10690" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21229" }, { "name": "21675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21675" }, { "name": "mozilla-garbage-collection-object-deletion(27986)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27986" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "22342", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22342" }, { "name": "102763", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" }, { "name": "DSA-1159", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1159" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-3805", "datePublished": "2006-07-27T20:00:00", "dateReserved": "2006-07-24T00:00:00", "dateUpdated": "2024-08-07T18:48:37.967Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-2781
Vulnerability from cvelistv5
Published
2006-06-02 19:00
Modified
2024-08-07 18:06
Severity ?
EPSS score ?
Summary
Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:06:25.949Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20709" }, { "name": "USN-297-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/297-3/" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "mozilla-vcard-doublefree-memory-corruption(26850)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26850" }, { "name": "21210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21210" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21178" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21607" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "oval:org.mitre.oval:def:10247", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10247" }, { "name": "GLSA-200606-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21183" }, { "name": "20394", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20394" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "USN-297-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-40.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-06-01T00:00:00", "descriptions": [ { "lang": "en", "value": "Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20709" }, { "name": "USN-297-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/297-3/" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "mozilla-vcard-doublefree-memory-corruption(26850)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26850" }, { "name": "21210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21210" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21178" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21607" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "oval:org.mitre.oval:def:10247", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10247" }, { "name": "GLSA-200606-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21183" }, { "name": "20394", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20394" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "USN-297-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-40.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-2781", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20709", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20709" }, { "name": "USN-297-3", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/297-3/" }, { "name": "USN-323-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/323-1/" }, { "name": "mozilla-vcard-doublefree-memory-corruption(26850)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26850" }, { "name": "21210", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21210" }, { "name": "RHSA-2006:0594", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "MDKSA-2006:146", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21178" }, { "name": "21607", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21607" }, { "name": "18228", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21134", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061236", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "oval:org.mitre.oval:def:10247", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10247" }, { "name": "GLSA-200606-21", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "RHSA-2006:0611", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "HPSBUX02156", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "21324", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21183" }, { "name": "20394", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20394" }, { "name": "21269", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "USN-297-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "22065", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22065" }, { "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-40.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-40.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-2781", "datePublished": "2006-06-02T19:00:00", "dateReserved": "2006-06-02T00:00:00", "dateUpdated": "2024-08-07T18:06:25.949Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-2782
Vulnerability from cvelistv5
Published
2006-06-02 19:00
Modified
2024-08-07 18:06
Severity ?
EPSS score ?
Summary
Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:06:26.040Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-1/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-41.html" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20561" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20376" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016202" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21183" }, { "name": "mozilla-firefox-textbox-file-access(26851)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26851" }, { "name": "oval:org.mitre.oval:def:10429", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10429" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-06-01T00:00:00", "descriptions": [ { "lang": "en", "value": "Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-1/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-41.html" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20561" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20376" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016202" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21183" }, { "name": "mozilla-firefox-textbox-file-access(26851)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26851" }, { "name": "oval:org.mitre.oval:def:10429", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10429" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-2782", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "21176", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-296-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-1/" }, { "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-41.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-41.html" }, { "name": "USN-323-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20561" }, { "name": "RHSA-2006:0594", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21336" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "RHSA-2006:0610", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20376" }, { "name": "RHSA-2006:0609", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016202" }, { "name": "18228", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "21188", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "USN-296-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-2/" }, { "name": "DSA-1118", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "DSA-1134", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21183" }, { "name": "mozilla-firefox-textbox-file-access(26851)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26851" }, { "name": "oval:org.mitre.oval:def:10429", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10429" }, { "name": "22066", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "RHSA-2006:0578", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-2782", "datePublished": "2006-06-02T19:00:00", "dateReserved": "2006-06-02T00:00:00", "dateUpdated": "2024-08-07T18:06:26.040Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-3806
Vulnerability from cvelistv5
Published
2006-07-27 19:00
Modified
2024-08-07 18:48
Severity ?
EPSS score ?
Summary
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:48:38.552Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-1161", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1161" }, { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "DSA-1160", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1160" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "VU#655892", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/655892" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "TA06-208A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22055" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "oval:org.mitre.oval:def:11232", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11232" }, { "name": "USN-361-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-361-1" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "ADV-2007-0058", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/0058" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "21654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21654" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22210" }, { "name": "21634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21634" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19873" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-50.html" }, { "name": "mozilla-javascript-engine-overflow(27987)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27987" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21229" }, { "name": "21675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21675" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "22342", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22342" }, { "name": "102763", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" }, { "name": "DSA-1159", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1159" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-07-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified \"string function arguments.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-17T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "DSA-1161", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1161" }, { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "DSA-1160", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1160" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "VU#655892", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/655892" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "TA06-208A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22055" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "oval:org.mitre.oval:def:11232", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11232" }, { "name": "USN-361-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-361-1" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "ADV-2007-0058", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/0058" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "21654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21654" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22210" }, { "name": "21634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21634" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19873" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-50.html" }, { "name": "mozilla-javascript-engine-overflow(27987)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27987" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21229" }, { "name": "21675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21675" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "22342", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22342" }, { "name": "102763", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" }, { "name": "DSA-1159", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1159" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-3806", "datePublished": "2006-07-27T19:00:00", "dateReserved": "2006-07-24T00:00:00", "dateUpdated": "2024-08-07T18:48:38.552Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-3811
Vulnerability from cvelistv5
Published
2006-07-27 20:00
Modified
2024-08-07 18:48
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:48:38.197Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-1161", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1161" }, { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-55.html" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "TA06-208A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22055" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "USN-361-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-361-1" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "ADV-2007-2350", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2350" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22210" }, { "name": "mozilla-multiple-memory-corruption(27992)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27992" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21229" }, { "name": "21675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21675" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "102971", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102971-1" }, { "name": "22342", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22342" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21343" }, { "name": "oval:org.mitre.oval:def:9934", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9934" }, { "name": "25839", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25839" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" }, { "name": "VU#527676", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/527676" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-07-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) \"anonymous box selectors outside of UA stylesheets,\" (5) stale references to \"removed nodes,\" and (6) running the crypto.generateCRMFRequest callback on deleted context." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-17T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "DSA-1161", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1161" }, { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-55.html" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "TA06-208A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22055" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "USN-361-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-361-1" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "ADV-2007-2350", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2350" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22210" }, { "name": "mozilla-multiple-memory-corruption(27992)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27992" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21229" }, { "name": "21675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21675" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "102971", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102971-1" }, { "name": "22342", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22342" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21358" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21343" }, { "name": "oval:org.mitre.oval:def:9934", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9934" }, { "name": "25839", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25839" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" }, { "name": "VU#527676", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/527676" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-3811", "datePublished": "2006-07-27T20:00:00", "dateReserved": "2006-07-24T00:00:00", "dateUpdated": "2024-08-07T18:48:38.197Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-3808
Vulnerability from cvelistv5
Published
2006-07-27 20:00
Modified
2024-08-07 18:48
Severity ?
EPSS score ?
Summary
Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig (PAC) servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:48:38.745Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-1161", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1161" }, { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "DSA-1160", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1160" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "USN-361-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-361-1" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-52.html" }, { "name": "21654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21654" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22210" }, { "name": "21634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21634" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "mozilla-pac-code-execution(27989)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27989" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "oval:org.mitre.oval:def:10845", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10845" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21229" }, { "name": "21675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21675" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21250" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "22342", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22342" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" }, { "name": "DSA-1159", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1159" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-07-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig (PAC) servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-17T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "DSA-1161", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1161" }, { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "DSA-1160", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1160" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "USN-361-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-361-1" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-52.html" }, { "name": "21654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21654" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22210" }, { "name": "21634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21634" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "mozilla-pac-code-execution(27989)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27989" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "oval:org.mitre.oval:def:10845", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10845" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21229" }, { "name": "21675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21675" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21250" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "22342", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22342" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" }, { "name": "DSA-1159", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1159" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-3808", "datePublished": "2006-07-27T20:00:00", "dateReserved": "2006-07-24T00:00:00", "dateUpdated": "2024-08-07T18:48:38.745Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-2776
Vulnerability from cvelistv5
Published
2006-06-02 18:00
Modified
2024-08-07 17:58
Severity ?
EPSS score ?
Summary
Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined setters on an object prototype, which allows remote attackers to execute code at a higher privilege than intended.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T17:58:52.243Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "102800", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102800-1" }, { "name": "20709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20709" }, { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/297-3/" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20561" }, { "name": "TA06-153A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-153A.html" }, { "name": "21210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21210" }, { "name": "mozilla-contentdefined-code-execution(26848)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26848" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20376" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016202" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21607" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "oval:org.mitre.oval:def:9849", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9849" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "VU#575969", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/575969" }, { "name": "24108", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/24108" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "ADV-2007-0573", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/0573" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21183" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-37.html" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "USN-297-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-06-01T00:00:00", "descriptions": [ { "lang": "en", "value": "Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined setters on an object prototype, which allows remote attackers to execute code at a higher privilege than intended." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "102800", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102800-1" }, { "name": "20709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20709" }, { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/297-3/" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20561" }, { "name": "TA06-153A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-153A.html" }, { "name": "21210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21210" }, { "name": "mozilla-contentdefined-code-execution(26848)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26848" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20376" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016202" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21607" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "oval:org.mitre.oval:def:9849", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9849" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "VU#575969", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/575969" }, { "name": "24108", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/24108" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "ADV-2007-0573", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/0573" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21183" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-37.html" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "USN-297-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-2776", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined setters on an object prototype, which allows remote attackers to execute code at a higher privilege than intended." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "102800", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102800-1" }, { "name": "20709", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20709" }, { "name": "21176", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/297-3/" }, { "name": "USN-296-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20561" }, { "name": "TA06-153A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA06-153A.html" }, { "name": "21210", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21210" }, { "name": "mozilla-contentdefined-code-execution(26848)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26848" }, { "name": "RHSA-2006:0594", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20382" }, { "name": "1016214", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20376" }, { "name": "MDKSA-2006:146", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016202" }, { "name": "21607", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21607" }, { "name": "18228", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18228" }, { "name": "oval:org.mitre.oval:def:9849", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9849" }, { "name": "21532", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "VU#575969", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/575969" }, { "name": "24108", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24108" }, { "name": "21188", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "ADV-2007-0573", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0573" }, { "name": "SSRT061236", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "USN-296-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "HPSBUX02156", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21183" }, { "name": "22066", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21269" }, { "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-37.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-37.html" }, { "name": "SUSE-SA:2006:035", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "USN-297-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22065" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-2776", "datePublished": "2006-06-02T18:00:00", "dateReserved": "2006-06-02T00:00:00", "dateUpdated": "2024-08-07T17:58:52.243Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-3803
Vulnerability from cvelistv5
Published
2006-07-27 19:00
Modified
2024-08-07 18:48
Severity ?
EPSS score ?
Summary
Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:48:37.876Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "TA06-208A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22055" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22210" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21229" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "mozilla-javascript-garbage-race-condition(27984)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27984" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21358" }, { "name": "VU#265964", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/265964" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "oval:org.mitre.oval:def:10635", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10635" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21343" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-48.html" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-07-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-17T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "TA06-208A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22055" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "1016588", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016588" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22210" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21229" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "mozilla-javascript-garbage-race-condition(27984)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27984" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "21228", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21228" }, { "name": "21250", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21250" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "21358", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21358" }, { "name": "VU#265964", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/265964" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-537" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "oval:org.mitre.oval:def:10635", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10635" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21343" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-48.html" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-3803", "datePublished": "2006-07-27T19:00:00", "dateReserved": "2006-07-24T00:00:00", "dateUpdated": "2024-08-07T18:48:37.876Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-3677
Vulnerability from cvelistv5
Published
2006-07-27 19:00
Modified
2024-08-07 18:39
Severity ?
EPSS score ?
Summary
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:39:53.571Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20060726 ZDI-06-025: Mozilla Firefox Javascript navigator Object Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/441332/100/0/threaded" }, { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "iphone-mobilesafari-dos(39998)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39998" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "mozilla-javascript-navigator-code-excecution(27981)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27981" }, { "name": "TA06-208A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21529" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-025.html" }, { "name": "oval:org.mitre.oval:def:10745", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10745" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "VU#670060", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/670060" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22210" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21262" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-45.html" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21229" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "19192", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/19192" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-07-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20060726 ZDI-06-025: Mozilla Firefox Javascript navigator Object Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/441332/100/0/threaded" }, { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "iphone-mobilesafari-dos(39998)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39998" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "mozilla-javascript-navigator-code-excecution(27981)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27981" }, { "name": "TA06-208A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "ADV-2006-2998", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21529" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-025.html" }, { "name": "oval:org.mitre.oval:def:10745", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10745" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "VU#670060", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/670060" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22210" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21262" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-45.html" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21229" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "19192", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/19192" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-3677", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20060726 ZDI-06-025: Mozilla Firefox Javascript navigator Object Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/441332/100/0/threaded" }, { "name": "21243", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "GLSA-200608-02", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "MDKSA-2006:145", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "iphone-mobilesafari-dos(39998)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39998" }, { "name": "19181", "refsource": "BID", "url": "http://www.securityfocus.com/bid/19181" }, { "name": "mozilla-javascript-navigator-code-excecution(27981)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27981" }, { "name": "TA06-208A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" }, { "name": "ADV-2006-2998", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2998" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21529" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-06-025.html", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-025.html" }, { "name": "oval:org.mitre.oval:def:10745", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10745" }, { "name": "21216", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21336" }, { "name": "RHSA-2006:0610", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "VU#670060", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/670060" }, { "name": "RHSA-2006:0609", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22210" }, { "name": "1016586", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21262" }, { "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-45.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-45.html" }, { "name": "21532", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "21246", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21229" }, { "name": "1016587", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "RHSA-2006:0611", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "https://issues.rpath.com/browse/RPL-536", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-536" }, { "name": "22066", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21269" }, { "name": "21343", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "19192", "refsource": "BID", "url": "http://www.securityfocus.com/bid/19192" }, { "name": "USN-354-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-3677", "datePublished": "2006-07-27T19:00:00", "dateReserved": "2006-07-18T00:00:00", "dateUpdated": "2024-08-07T18:39:53.571Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-3812
Vulnerability from cvelistv5
Published
2006-07-29 00:00
Modified
2024-08-07 18:48
Severity ?
EPSS score ?
Summary
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to reference remote files and possibly load chrome: URLs by tricking the user into copying or dragging links.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:48:38.377Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "VU#398492", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/398492" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "oval:org.mitre.oval:def:11013", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11013" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22055" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22210" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "mozilla-chrome-information-disclosure(27993)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27993" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21229" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-56.html" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-07-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to reference remote files and possibly load chrome: URLs by tricking the user into copying or dragging links." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-17T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "21243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21243" }, { "name": "RHSA-2006:0608", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html" }, { "name": "GLSA-200608-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml" }, { "name": "VU#398492", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/398492" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "oval:org.mitre.oval:def:11013", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11013" }, { "name": "19181", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/19181" }, { "name": "22055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22055" }, { "name": "20060727 rPSA-2006-0137-1 firefox", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded" }, { "name": "21529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21529" }, { "name": "21216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21216" }, { "name": "GLSA-200608-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "USN-329-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/329-1/" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "22210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22210" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21607" }, { "name": "1016586", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016586" }, { "name": "19873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19873" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21262" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "USN-327-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/327-1/" }, { "name": "21361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21361" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "mozilla-chrome-information-disclosure(27993)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27993" }, { "name": "21275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21275" }, { "name": "21246", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21246" }, { "name": "SUSE-SA:2006:048", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" }, { "name": "21229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21229" }, { "name": "1016587", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016587" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-56.html" }, { "name": "USN-350-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-350-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-536" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "GLSA-200608-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200608-04.xml" }, { "name": "21343", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21343" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "USN-354-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-354-1" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-3812", "datePublished": "2006-07-29T00:00:00", "dateReserved": "2006-07-24T00:00:00", "dateUpdated": "2024-08-07T18:48:38.377Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-2787
Vulnerability from cvelistv5
Published
2006-06-02 20:00
Modified
2024-08-07 18:06
Severity ?
EPSS score ?
Summary
EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:06:26.044Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20709" }, { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-31.html" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/297-3/" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20561" }, { "name": "21210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21210" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20382" }, { "name": "mozilla-valueof-sandbox-bypass(26842)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26842" }, { "name": "1016214", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20376" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016202" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21607" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21183" }, { "name": "oval:org.mitre.oval:def:9491", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9491" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "USN-297-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22065" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-06-01T00:00:00", "descriptions": [ { "lang": "en", "value": "EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20709" }, { "name": "21176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-31.html" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/297-3/" }, { "name": "USN-296-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20561" }, { "name": "21210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21210" }, { "name": "RHSA-2006:0594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20382" }, { "name": "mozilla-valueof-sandbox-bypass(26842)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26842" }, { "name": "1016214", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20376" }, { "name": "MDKSA-2006:146", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016202" }, { "name": "21607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21607" }, { "name": "18228", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "21188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "USN-296-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "HPSBUX02156", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21183" }, { "name": "oval:org.mitre.oval:def:9491", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9491" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "USN-297-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22065" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-2787", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20709", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20709" }, { "name": "21176", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21176" }, { "name": "MDKSA-2006:145", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" }, { "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-31.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-31.html" }, { "name": "ADV-2006-3748", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "USN-297-3", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/297-3/" }, { "name": "USN-296-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-1/" }, { "name": "USN-323-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/323-1/" }, { "name": "20561", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20561" }, { "name": "21210", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21210" }, { "name": "RHSA-2006:0594", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" }, { "name": "21336", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21336" }, { "name": "20382", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20382" }, { "name": "mozilla-valueof-sandbox-bypass(26842)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26842" }, { "name": "1016214", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016214" }, { "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" }, { "name": "ADV-2006-3749", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3749" }, { "name": "RHSA-2006:0610", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" }, { "name": "20376", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20376" }, { "name": "MDKSA-2006:146", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" }, { "name": "RHSA-2006:0609", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" }, { "name": "21178", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21178" }, { "name": "1016202", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016202" }, { "name": "21607", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21607" }, { "name": "18228", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18228" }, { "name": "21532", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21532" }, { "name": "21270", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21270" }, { "name": "ADV-2008-0083", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0083" }, { "name": "21188", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21188" }, { "name": "21134", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21134" }, { "name": "21631", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21631" }, { "name": "SSRT061181", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "SSRT061236", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "USN-296-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/296-2/" }, { "name": "GLSA-200606-21", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" }, { "name": "DSA-1118", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1118" }, { "name": "HPSBUX02153", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" }, { "name": "DSA-1120", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1120" }, { "name": "RHSA-2006:0611", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" }, { "name": "HPSBUX02156", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" }, { "name": "DSA-1134", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1134" }, { "name": "GLSA-200606-12", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" }, { "name": "21324", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21324" }, { "name": "21183", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21183" }, { "name": "oval:org.mitre.oval:def:9491", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9491" }, { "name": "22066", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22066" }, { "name": "21269", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21269" }, { "name": "SUSE-SA:2006:035", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" }, { "name": "USN-297-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/297-1/" }, { "name": "RHSA-2006:0578", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" }, { "name": "ADV-2006-2106", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2106" }, { "name": "MDKSA-2006:143", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" }, { "name": "22065", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22065" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-2787", "datePublished": "2006-06-02T20:00:00", "dateReserved": "2006-06-02T00:00:00", "dateUpdated": "2024-08-07T18:06:26.044Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.