Home > Vulnerability Database > CVE-2006-3807

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2006-3807

Date: July 27, 2006

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor.

Severity Score

7.3

Related Resources (72)

Url: http://www.securityfocus.com/archive/1/446657/100/200/threaded

Url: http://www.debian.org/security/2006/dsa-1159

Url: http://www.securityfocus.com/archive/1/441333/100/0/threaded

Url: http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html

Url: http://www.securityfocus.com/bid/19181

Url: http://www.redhat.com/support/errata/RHSA-2006-0608.html

Url: https://access.redhat.com/security/cve/CVE-2006-3807

Url: http://www.vupen.com/english/advisories/2007/0058

Url: http://www.redhat.com/support/errata/RHSA-2006-0611.html

Url: http://secunia.com/advisories/21532

Url: http://www.securityfocus.com/archive/1/446658/100/200/threaded

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1

Url: http://secunia.com/advisories/21336

Url: http://www.redhat.com/support/errata/RHSA-2006-0610.html

Url: http://secunia.com/advisories/21654

Url: http://secunia.com/advisories/21216

Url: http://www.redhat.com/support/errata/RHSA-2006-0594.html

Url: http://www.vupen.com/english/advisories/2006/3749

Url: http://secunia.com/advisories/21250

Url: http://secunia.com/advisories/22065

Url: http://www.vupen.com/english/advisories/2006/3748

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2006-3807

Url: http://secunia.com/advisories/22342

Url: http://secunia.com/advisories/22066

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10374

Url: http://securitytracker.com/id?1016587

Url: http://securitytracker.com/id?1016588

Url: https://issues.rpath.com/browse/RPL-536

Url: http://securitytracker.com/id?1016586

Url: https://issues.rpath.com/browse/RPL-537

Url: ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/27988

Url: http://secunia.com/advisories/21269

Url: https://usn.ubuntu.com/327-1/

Url: http://www.ubuntu.com/usn/usn-361-1

Url: http://secunia.com/advisories/21228

Url: http://secunia.com/advisories/21229

Url: http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml

Url: http://www.debian.org/security/2006/dsa-1160

Url: http://www.debian.org/security/2006/dsa-1161

Url: http://secunia.com/advisories/21262

Url: http://secunia.com/advisories/21343

Url: http://www.kb.cert.org/vuls/id/687396

Url: http://www.us-cert.gov/cas/techalerts/TA06-208A.html

Url: http://www.mozilla.org/security/announce/2006/mfsa2006-51.html

Url: http://secunia.com/advisories/19873

Url: http://www.vupen.com/english/advisories/2008/0083

Url: http://secunia.com/advisories/21631

Url: http://secunia.com/advisories/21675

Url: http://www.ubuntu.com/usn/usn-354-1

Url: http://security.gentoo.org/glsa/glsa-200608-02.xml

Url: http://secunia.com/advisories/21358

Url: http://www.ubuntu.com/usn/usn-350-1

Url: http://secunia.com/advisories/21634

Url: http://secunia.com/advisories/21270

Url: http://www.vupen.com/english/advisories/2006/2998

Url: http://secunia.com/advisories/21275

Url: http://rhn.redhat.com/errata/RHSA-2006-0609.html

Url: http://secunia.com/advisories/21529

Url: http://secunia.com/advisories/21607

Url: https://usn.ubuntu.com/329-1/

Url: http://secunia.com/advisories/21246

Url: http://security.gentoo.org/glsa/glsa-200608-04.xml

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:143

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:145

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:146

Url: http://secunia.com/advisories/21361

Url: http://secunia.com/advisories/22210

Url: http://secunia.com/advisories/22055

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-3807

Url: http://secunia.com/advisories/21243

Url: https://www.mend.io/vulnerability-database/CVE-2006-3807

Severity Score

7.3

CVSS v3.1

Base Score:	7.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	7.5
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Do you need more information?

Contact Us