Home > Vulnerability Database > CVE-2006-3803

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2006-3803

Date: July 27, 2006

Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object.

Severity Score

5.6

Related Resources (62)

Url: http://www.securityfocus.com/archive/1/446657/100/200/threaded

Url: http://www.securityfocus.com/archive/1/441333/100/0/threaded

Url: http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html

Url: https://access.redhat.com/security/cve/CVE-2006-3803

Url: http://www.securityfocus.com/bid/19181

Url: http://www.redhat.com/support/errata/RHSA-2006-0608.html

Url: http://www.redhat.com/support/errata/RHSA-2006-0611.html

Url: http://secunia.com/advisories/21532

Url: http://www.securityfocus.com/archive/1/446658/100/200/threaded

Url: http://secunia.com/advisories/21336

Url: http://www.redhat.com/support/errata/RHSA-2006-0610.html

Url: http://secunia.com/advisories/21216

Url: http://www.redhat.com/support/errata/RHSA-2006-0594.html

Url: http://www.vupen.com/english/advisories/2006/3749

Url: http://secunia.com/advisories/21250

Url: http://secunia.com/advisories/22065

Url: http://www.vupen.com/english/advisories/2006/3748

Url: http://secunia.com/advisories/22066

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2006-3803

Url: http://securitytracker.com/id?1016587

Url: http://securitytracker.com/id?1016588

Url: https://issues.rpath.com/browse/RPL-536

Url: http://securitytracker.com/id?1016586

Url: https://issues.rpath.com/browse/RPL-537

Url: ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc

Url: http://www.mozilla.org/security/announce/2006/mfsa2006-48.html

Url: http://secunia.com/advisories/21269

Url: https://usn.ubuntu.com/327-1/

Url: http://secunia.com/advisories/21228

Url: http://secunia.com/advisories/21229

Url: http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml

Url: http://secunia.com/advisories/21262

Url: http://secunia.com/advisories/21343

Url: http://www.us-cert.gov/cas/techalerts/TA06-208A.html

Url: http://secunia.com/advisories/19873

Url: http://www.vupen.com/english/advisories/2008/0083

Url: http://secunia.com/advisories/21631

Url: http://www.ubuntu.com/usn/usn-354-1

Url: http://security.gentoo.org/glsa/glsa-200608-02.xml

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/27984

Url: http://secunia.com/advisories/21358

Url: http://www.ubuntu.com/usn/usn-350-1

Url: http://secunia.com/advisories/21270

Url: http://www.vupen.com/english/advisories/2006/2998

Url: http://secunia.com/advisories/21275

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10635

Url: http://rhn.redhat.com/errata/RHSA-2006-0609.html

Url: http://www.kb.cert.org/vuls/id/265964

Url: http://secunia.com/advisories/21529

Url: http://secunia.com/advisories/21607

Url: https://usn.ubuntu.com/329-1/

Url: http://secunia.com/advisories/21246

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-3803

Url: http://security.gentoo.org/glsa/glsa-200608-04.xml

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:143

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:145

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:146

Url: http://secunia.com/advisories/21361

Url: http://secunia.com/advisories/22210

Url: http://secunia.com/advisories/22055

Url: http://secunia.com/advisories/21243

Url: https://www.mend.io/vulnerability-database/CVE-2006-3803

Severity Score

5.6

CVSS v3.1

Base Score:	5.6
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	5.1
Access Vector (AV):	NETWORK
Access Complexity (AC):	HIGH
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Do you need more information?

Contact Us