Home > Vulnerability Database > CVE-2006-3677

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2006-3677

Date: July 27, 2006

Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution.

Severity Score

7.3

Related Resources (50)

Url: http://www.securityfocus.com/archive/1/441333/100/0/threaded

Url: http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-3677

Url: http://www.securityfocus.com/bid/19181

Url: http://www.redhat.com/support/errata/RHSA-2006-0608.html

Url: http://www.redhat.com/support/errata/RHSA-2006-0611.html

Url: http://secunia.com/advisories/21532

Url: http://www.zerodayinitiative.com/advisories/ZDI-06-025.html

Url: http://www.securityfocus.com/archive/1/446658/100/200/threaded

Url: http://secunia.com/advisories/21336

Url: http://www.redhat.com/support/errata/RHSA-2006-0610.html

Url: http://secunia.com/advisories/21216

Url: http://www.redhat.com/support/errata/RHSA-2006-0594.html

Url: http://www.vupen.com/english/advisories/2006/3748

Url: http://secunia.com/advisories/22066

Url: http://www.mozilla.org/security/announce/2006/mfsa2006-45.html

Url: http://securitytracker.com/id?1016587

Url: https://issues.rpath.com/browse/RPL-536

Url: http://securitytracker.com/id?1016586

Url: ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc

Url: http://www.kb.cert.org/vuls/id/670060

Url: http://secunia.com/advisories/21269

Url: https://usn.ubuntu.com/327-1/

Url: http://secunia.com/advisories/21229

Url: http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml

Url: http://secunia.com/advisories/21262

Url: http://secunia.com/advisories/21343

Url: http://www.us-cert.gov/cas/techalerts/TA06-208A.html

Url: http://secunia.com/advisories/19873

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/27981

Url: http://www.vupen.com/english/advisories/2008/0083

Url: http://secunia.com/advisories/21631

Url: http://www.ubuntu.com/usn/usn-354-1

Url: http://security.gentoo.org/glsa/glsa-200608-02.xml

Url: https://access.redhat.com/security/cve/CVE-2006-3677

Url: http://secunia.com/advisories/21270

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/39998

Url: http://www.vupen.com/english/advisories/2006/2998

Url: http://rhn.redhat.com/errata/RHSA-2006-0609.html

Url: http://secunia.com/advisories/21529

Url: http://www.securityfocus.com/bid/19192

Url: http://www.securityfocus.com/archive/1/441332/100/0/threaded

Url: http://secunia.com/advisories/21246

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:143

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:145

Url: http://secunia.com/advisories/21361

Url: http://secunia.com/advisories/22210

Url: http://secunia.com/advisories/21243

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10745

Url: https://www.mend.io/vulnerability-database/CVE-2006-3677

Severity Score

7.3

Weakness Type (CWE)

Configuration

CWE-16

CVSS v3.1

Base Score:	7.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	7.5
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Do you need more information?

Contact Us