[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

111017

 
 

909

 
 

86402

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2006-3806Date: (C)2006-07-27   (M)2018-02-19


Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : CVSS Score : 7.5
Exploit Score: Exploit Score: 10.0
Impact Score: Impact Score: 6.4
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: Access Vector: NETWORK
Attack Complexity: Access Complexity: LOW
Privileges Required: Authentication: NONE
User Interaction: Confidentiality: PARTIAL
Scope: Integrity: PARTIAL
Confidentiality: Availability: PARTIAL
Integrity:  
Availability:  
  
Reference:
SECTRACK-1016586
SECTRACK-1016587
SECTRACK-1016588
SUNALERT-102763
BID-19181
SECUNIA-19873
20060703-01-P
http://www.securityfocus.com/archive/1/archive/1/441333/100/0/threaded
SECUNIA-21216
SECUNIA-21228
SECUNIA-21229
SECUNIA-21243
SECUNIA-21246
SECUNIA-21250
SECUNIA-21262
SECUNIA-21269
SECUNIA-21270
SECUNIA-21275
SECUNIA-21336
SECUNIA-21343
SECUNIA-21358
SECUNIA-21361
SECUNIA-21529
SECUNIA-21532
SECUNIA-21607
SECUNIA-21631
SECUNIA-21634
SECUNIA-21654
SECUNIA-21675
SECUNIA-22055
SECUNIA-22065
SECUNIA-22066
SECUNIA-22210
SECUNIA-22342
ADV-2006-2998
ADV-2006-3748
ADV-2006-3749
ADV-2007-0058
ADV-2008-0083
DSA-1159
DSA-1160
DSA-1161
GLSA-200608-02
GLSA-200608-03
GLSA-200608-04
HPSBUX02156
MDKSA-2006:143
MDKSA-2006:145
MDKSA-2006:146
RHSA-2006:0594
RHSA-2006:0608
RHSA-2006:0609
RHSA-2006:0610
RHSA-2006:0611
SSRT061181
SSRT061236
SUSE-SA:2006:048
TA06-208A
USN-327-1
USN-329-1
USN-350-1
USN-354-1
USN-361-1
VU#655892
http://www.mozilla.org/security/announce/2006/mfsa2006-50.html
https://issues.rpath.com/browse/RPL-536
https://issues.rpath.com/browse/RPL-537
mozilla-javascript-engine-overflow(27987)

CPE    11
cpe:/a:mozilla:seamonkey:1.0.1
cpe:/a:mozilla:seamonkey:1.0.2
cpe:/a:mozilla:seamonkey:1.0
cpe:/a:mozilla:firefox:1.5.0.4
...
CWE    1
CWE-189

© SecPod Technologies