CVE-2006-3807 Information

Feb 14, 2021 cve

Description

Mozilla Firefox before 1.5.0.5 Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling \named JavaScript functions\ that use the constructor.

Reference

ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc http://rhn.redhat.com/errata/RHSA-2006-0609.html http://secunia.com/advisories/19873 http://secunia.com/advisories/21216 http://secunia.com/advisories/21228 http://secunia.com/advisories/21229 http://secunia.com/advisories/21243 http://secunia.com/advisories/21246 http://secunia.com/advisories/21250 http://secunia.com/advisories/21262 http://secunia.com/advisories/21269 http://secunia.com/advisories/21270 http://secunia.com/advisories/21275 http://secunia.com/advisories/21336 http://secunia.com/advisories/21343 http://secunia.com/advisories/21358 http://secunia.com/advisories/21361 http://secunia.com/advisories/21529 http://secunia.com/advisories/21532 http://secunia.com/advisories/21607 http://secunia.com/advisories/21631 http://secunia.com/advisories/21634 http://secunia.com/advisories/21654 http://secunia.com/advisories/21675 http://secunia.com/advisories/22055 http://secunia.com/advisories/22065 http://secunia.com/advisories/22066 http://secunia.com/advisories/22210 http://secunia.com/advisories/22342 http://security.gentoo.org/glsa/glsa-200608-02.xml http://security.gentoo.org/glsa/glsa-200608-04.xml http://securitytracker.com/id?1016586 http://securitytracker.com/id?1016587 http://securitytracker.com/id?1016588 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1 http://www.debian.org/security/2006/dsa-1159 http://www.debian.org/security/2006/dsa-1160 http://www.debian.org/security/2006/dsa-1161 http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml http://www.kb.cert.org/vuls/id/687396 http://www.mandriva.com/security/advisories?name=MDKSA-2006:143 http://www.mandriva.com/security/advisories?name=MDKSA-2006:145 http://www.mandriva.com/security/advisories?name=MDKSA-2006:146 http://www.mozilla.org/security/announce/2006/mfsa2006-51.html http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html http://www.redhat.com/support/errata/RHSA-2006-0594.html http://www.redhat.com/support/errata/RHSA-2006-0608.html http://www.redhat.com/support/errata/RHSA-2006-0610.html http://www.redhat.com/support/errata/RHSA-2006-0611.html http://www.securityfocus.com/archive/1/441333/100/0/threaded http://www.securityfocus.com/archive/1/446657/100/200/threaded http://www.securityfocus.com/archive/1/446658/100/200/threaded http://www.securityfocus.com/bid/19181 http://www.ubuntu.com/usn/usn-350-1 http://www.ubuntu.com/usn/usn-354-1 http://www.ubuntu.com/usn/usn-361-1 http://www.us-cert.gov/cas/techalerts/TA06-208A.html http://www.vupen.com/english/advisories/2006/2998 http://www.vupen.com/english/advisories/2006/3748 http://www.vupen.com/english/advisories/2006/3749 http://www.vupen.com/english/advisories/2007/0058 http://www.vupen.com/english/advisories/2008/0083 https://exchange.xforce.ibmcloud.com/vulnerabilities/27988 https://issues.rpath.com/browse/RPL-536 https://issues.rpath.com/browse/RPL-537 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10374 https://usn.ubuntu.com/327-1/ https://usn.ubuntu.com/329-1/

Share on: