CVE-2006-1726
published 2006-04-14CVE-2006-1726: Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the…
PriorityP341critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
6.71%
93.1th percentile
Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForEach method.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 1.5.dfsg+1.5.0.2-1 (sid) | firefox 1.5.dfsg+1.5.0.2-1 (sid) |
| debian | thunderbird | < firefox 1.5.dfsg+1.5.0.2-1 (sid) | firefox 1.5.dfsg+1.5.0.2-1 (sid) |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | seamonkey | — | — |
| mozilla | thunderbird | — | — |
| mozilla | thunderbird | — | — |
| mozilla | thunderbird | — | — |
| mozilla | thunderbird | — | — |
| mozilla | thunderbird | — | — |
| mozilla | thunderbird | — | — |
| mozilla | thunderbird | — | — |
| mozilla | thunderbird | — | — |
| mozilla | thunderbird | — | — |
| mozilla | thunderbird | >= 0 < 1.5.0.2-1 | 1.5.0.2-1 |
| mozilla | thunderbird | >= 0 < 1.5.0.2-1 | 1.5.0.2-1 |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv9.3CRITICAL
vendor_debian9.3HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2006-1726: firefox - Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and Sea...
vendor_debian·2006·CVSS 9.3
CVE-2006-1726 [CRITICAL] CVE-2006-1726: firefox - Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and Sea...
Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForEach method.
Scope: local
sid: resolved (fixed in 1.5.dfsg+1.5.0.2-1)
GHSA
GHSA-7p29-2p26-qhwg: Unspecified vulnerability in Firefox and Thunderbird 1
ghsa_unreviewed·2022-05-01
CVE-2006-1726 [HIGH] GHSA-7p29-2p26-qhwg: Unspecified vulnerability in Firefox and Thunderbird 1
Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForEach method.
OSV
CVE-2006-1726: Unspecified vulnerability in Firefox and Thunderbird 1
osv·2006-04-14·CVSS 9.3
CVE-2006-1726 [CRITICAL] CVE-2006-1726: Unspecified vulnerability in Firefox and Thunderbird 1
Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForEach method.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/19631http://secunia.com/advisories/19649http://secunia.com/advisories/22065http://secunia.com/advisories/22066http://securitytracker.com/id?1015931http://securitytracker.com/id?1015932http://securitytracker.com/id?1015933http://www.kb.cert.org/vuls/id/968814http://www.mozilla.org/security/announce/2006/mfsa2006-28.htmlhttp://www.securityfocus.com/archive/1/434524/100/0/threadedhttp://www.securityfocus.com/archive/1/446657/100/200/threadedhttp://www.securityfocus.com/archive/1/446658/100/200/threadedhttp://www.securityfocus.com/bid/17516http://www.us-cert.gov/cas/techalerts/TA06-107A.htmlhttp://www.vupen.com/english/advisories/2006/1356http://www.vupen.com/english/advisories/2006/3748http://www.vupen.com/english/advisories/2006/3749http://www.vupen.com/english/advisories/2008/0083https://exchange.xforce.ibmcloud.com/vulnerabilities/25825https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1968http://secunia.com/advisories/19631http://secunia.com/advisories/19649http://secunia.com/advisories/22065http://secunia.com/advisories/22066http://securitytracker.com/id?1015931http://securitytracker.com/id?1015932http://securitytracker.com/id?1015933http://www.kb.cert.org/vuls/id/968814http://www.mozilla.org/security/announce/2006/mfsa2006-28.htmlhttp://www.securityfocus.com/archive/1/434524/100/0/threadedhttp://www.securityfocus.com/archive/1/446657/100/200/threadedhttp://www.securityfocus.com/archive/1/446658/100/200/threadedhttp://www.securityfocus.com/bid/17516http://www.us-cert.gov/cas/techalerts/TA06-107A.htmlhttp://www.vupen.com/english/advisories/2006/1356http://www.vupen.com/english/advisories/2006/3748http://www.vupen.com/english/advisories/2006/3749http://www.vupen.com/english/advisories/2008/0083https://exchange.xforce.ibmcloud.com/vulnerabilities/25825https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1968
2006-04-14
Published