CVE-2006-1733 Information

Description

Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 do not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute arbitrary code via the (1) valueOf.call or (2) valueOf.apply methods of an XBL binding, or (3) by inserting an XBL method into the DOM’s document.body prototype chain.

Reference

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
http://secunia.com/advisories/19631
http://secunia.com/advisories/19696
http://secunia.com/advisories/19714
http://secunia.com/advisories/19721
http://secunia.com/advisories/19729
http://secunia.com/advisories/19746
http://secunia.com/advisories/19759
http://secunia.com/advisories/19780
http://secunia.com/advisories/19794
http://secunia.com/advisories/19811
http://secunia.com/advisories/19821
http://secunia.com/advisories/19823
http://secunia.com/advisories/19852
http://secunia.com/advisories/19862
http://secunia.com/advisories/19863
http://secunia.com/advisories/19902
http://secunia.com/advisories/19941
http://secunia.com/advisories/19950
http://secunia.com/advisories/20051
http://secunia.com/advisories/21033
http://secunia.com/advisories/21622
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
http://www.debian.org/security/2006/dsa-1044
http://www.debian.org/security/2006/dsa-1046
http://www.debian.org/security/2006/dsa-1051
http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
http://www.kb.cert.org/vuls/id/488774
http://www.mandriva.com/security/advisories?name=MDKSA-2006:075
http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
http://www.mandriva.com/security/advisories?name=MDKSA-2006:078
http://www.mozilla.org/security/announce/2006/mfsa2006-16.html
http://www.novell.com/linux/security/advisories/2006_04_25.html
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
http://www.redhat.com/support/errata/RHSA-2006-0328.html
http://www.redhat.com/support/errata/RHSA-2006-0329.html
http://www.redhat.com/support/errata/RHSA-2006-0330.html
http://www.securityfocus.com/archive/1/434524/100/0/threaded
http://www.securityfocus.com/archive/1/436296/100/0/threaded
http://www.securityfocus.com/archive/1/436338/100/0/threaded
http://www.securityfocus.com/archive/1/438730/100/0/threaded
http://www.securityfocus.com/bid/17516
http://www.us-cert.gov/cas/techalerts/TA06-107A.html
http://www.vupen.com/english/advisories/2006/1356
https://exchange.xforce.ibmcloud.com/vulnerabilities/25817
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10815
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2020
https://usn.ubuntu.com/271-1/
https://usn.ubuntu.com/275-1/
https://usn.ubuntu.com/276-1/
