[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250038

 
 

909

 
 

195843

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-3808Date: (C)2006-07-27   (M)2023-12-22


Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig (PAC) servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1016586
SECTRACK-1016587
SECTRACK-1016588
BID-19181
SECUNIA-19873
20060703-01-P
http://www.securityfocus.com/archive/1/archive/1/441333/100/0/threaded
SECUNIA-21216
SECUNIA-21229
SECUNIA-21243
SECUNIA-21246
SECUNIA-21250
SECUNIA-21262
SECUNIA-21269
SECUNIA-21270
SECUNIA-21336
SECUNIA-21343
SECUNIA-21361
SECUNIA-21529
SECUNIA-21532
SECUNIA-21631
SECUNIA-21634
SECUNIA-21654
SECUNIA-21675
SECUNIA-22065
SECUNIA-22066
SECUNIA-22210
SECUNIA-22342
ADV-2006-2998
ADV-2006-3748
ADV-2006-3749
ADV-2008-0083
DSA-1159
DSA-1160
DSA-1161
GLSA-200608-02
GLSA-200608-03
HPSBUX02153
HPSBUX02156
MDKSA-2006:143
MDKSA-2006:145
RHSA-2006:0594
RHSA-2006:0608
RHSA-2006:0609
RHSA-2006:0610
RHSA-2006:0611
SSRT061181
SSRT061236
SUSE-SA:2006:048
USN-327-1
USN-354-1
USN-361-1
http://www.mozilla.org/security/announce/2006/mfsa2006-52.html
https://issues.rpath.com/browse/RPL-536
https://issues.rpath.com/browse/RPL-537
mozilla-pac-code-execution(27989)

CPE    8
cpe:/a:mozilla:seamonkey:1.0.1
cpe:/a:mozilla:seamonkey:1.0.2
cpe:/a:mozilla:seamonkey:1.0
cpe:/a:mozilla:firefox:1.5.0.4
...

© SecPod Technologies