CVE-2006-2775
Published: 2006-06-02
Priority: P4 (30) · CVSS 2.0: 7.5 high
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS: 4.57% (90.5th percentile)
Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attributes with the wrong URL under certain unspecified circumstances, which might allow remote attackers to bypass restrictions by causing a persisted string to be associated with the wrong URL.
Affected
47 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 1.5.dfsg+1.5.0.4-1 (sid) | firefox 1.5.dfsg+1.5.0.4-1 (sid) |
| debian | thunderbird | < firefox 1.5.dfsg+1.5.0.4-1 (sid) | firefox 1.5.dfsg+1.5.0.4-1 (sid) |
| mozilla | firefox | <= 1.5.0.3 | — |
| mozilla | thunderbird | <= 1.5.0.1 | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| osv | — | 7.5 | HIGH | — |
| vendor_debian | — | 7.5 | HIGH | — |
| vendor_ubuntu | — | 7.5 | HIGH | — |
Ubuntu
mozilla vulnerabilities
vendor_ubuntu·2006-07-26·CVSS 4.3
CVE-2006-2775 [MEDIUM] mozilla vulnerabilities
Jonas Sicking discovered that under some circumstances persisted XUL
attributes are associated with the wrong URL. A malicious web site
could exploit this to execute arbitrary code with the privileges of
the user. (MFSA 2006-35, CVE-2006-2775)
Paul Nickerson discovered that content-defined setters on an object
prototype were getting called by privileged UI code. It was
demonstrated that this could be exploited to run arbitrary web script
with full user privileges (MFSA 2006-37, CVE-2006-2776). A similar
attack was discovered by moz_bug_r_a4 that leveraged SelectionObject
notifications that were called in privileged context. (MFSA 2006-43,
CVE-2006-2777)
Mikolaj Habryn discovered a buffer overflow in the crypto.signText()
f
Ubuntu
Thunderbird vulnerabilities
vendor_ubuntu·2006-07-26·CVSS 7.5
CVE-2006-2775 [HIGH] Thunderbird vulnerabilities
USN-297-1 fixed several vulnerabilities in Thunderbird for the Ubuntu
6.06 LTS release. This update provides the corresponding fixes for
Ubuntu 5.04 and Ubuntu 5.10.
For reference, these are the details of the original USN:
Jonas Sicking discovered that under some circumstances persisted XUL
attributes are associated with the wrong URL. A malicious web site
could exploit this to execute arbitrary code with the privileges of
the user. (MFSA 2006-35, CVE-2006-2775)
Paul Nickerson discovered that content-defined setters on an object
prototype were getting called by privileged UI code. It was
demonstrated that this could be exploited to run arbitrary web
script with full user privileges (MFSA 2006-37, CVE-2006-2776).
Ubuntu
Firefox vulnerabilities
vendor_ubuntu·2006-07-25·CVSS 4.3
CVE-2006-2775 [MEDIUM] Firefox vulnerabilities
USN-296-1 fixed several vulnerabilities in Firefox for the Ubuntu 6.06
LTS release. This update provides the corresponding fixes for Ubuntu
5.04 and Ubuntu 5.10.
For reference, these are the details of the original USN:
Jonas Sicking discovered that under some circumstances persisted XUL
attributes are associated with the wrong URL. A malicious web site
could exploit this to execute arbitrary code with the privileges of
the user. (MFSA 2006-35, CVE-2006-2775)
Paul Nickerson discovered that content-defined setters on an object
prototype were getting called by privileged UI code. It was
demonstrated that this could be exploited to run arbitrary web script
with full user privileges (MFSA 2006-37, CVE-2006-2776). A similar
at
Ubuntu
Thunderbird vulnerabilities
vendor_ubuntu·2006-06-14·CVSS 7.5
CVE-2006-2775 [HIGH] Thunderbird vulnerabilities
Jonas Sicking discovered that under some circumstances persisted XUL
attributes are associated with the wrong URL. A malicious web site
could exploit this to execute arbitrary code with the privileges of
the user. (MFSA 2006-35, CVE-2006-2775)
Paul Nickerson discovered that content-defined setters on an object
prototype were getting called by privileged UI code. It was
demonstrated that this could be exploited to run arbitrary web script
with full user privileges (MFSA 2006-37, CVE-2006-2776).
Mikolaj Habryn discovered a buffer overflow in the crypto.signText()
function. By sending an email with malicious JavaScript to a user,
and that user enabled JavaScript in Thunderbird (which is not the
default and not recomm
Ubuntu
firefox vulnerabilities
vendor_ubuntu·2006-06-09·CVSS 7.5
CVE-2006-2775 [HIGH] firefox vulnerabilities
Jonas Sicking discovered that under some circumstances persisted XUL
attributes are associated with the wrong URL. A malicious web site
could exploit this to execute arbitrary code with the privileges of
the user. (MFSA 2006-35, CVE-2006-2775)
Paul Nickerson discovered that content-defined setters on an object
prototype were getting called by privileged UI code. It was
demonstrated that this could be exploited to run arbitrary web script
with full user privileges (MFSA 2006-37, CVE-2006-2776). A similar
attack was discovered by moz_bug_r_a4 that leveraged SelectionObject
notifications that were called in privileged context. (MFSA 2006-43,
CVE-2006-2777)
Mikolaj Habryn discovered a buffer overflow in the crypto.signText()
f
Debian
CVE-2006-2775: firefox - Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attributes with th...
vendor_debian·2006·CVSS 7.5
CVE-2006-2775 [HIGH] CVE-2006-2775: firefox - Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attributes with th...
Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attributes with the wrong URL under certain unspecified circumstances, which might allow remote attackers to bypass restrictions by causing a persisted string to be associated with the wrong URL.
Scope: local
sid: resolved (fixed in 1.5.dfsg+1.5.0.4-1)
GHSA
GHSA-vvv2-hwwj-rm5q: Mozilla Firefox and Thunderbird before 1
ghsa_unreviewed·2022-05-01
CVE-2006-2775 [HIGH] GHSA-vvv2-hwwj-rm5q: Mozilla Firefox and Thunderbird before 1
Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attributes with the wrong URL under certain unspecified circumstances, which might allow remote attackers to bypass restrictions by causing a persisted string to be associated with the wrong URL.
OSV
CVE-2006-2775: Mozilla Firefox and Thunderbird before 1
osv·2006-06-02·CVSS 7.5
CVE-2006-2775 [HIGH] CVE-2006-2775: Mozilla Firefox and Thunderbird before 1
Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attributes with the wrong URL under certain unspecified circumstances, which might allow remote attackers to bypass restrictions by causing a persisted string to be associated with the wrong URL.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
- http://secunia.com/advisories/20376
- http://secunia.com/advisories/20382
- http://secunia.com/advisories/20561
- http://secunia.com/advisories/20709
- http://secunia.com/advisories/21176
- http://secunia.com/advisories/21178
- http://secunia.com/advisories/21183
- http://secunia.com/advisories/21188
- http://secunia.com/advisories/21210
- http://secunia.com/advisories/21324
- http://secunia.com/advisories/21532
- http://secunia.com/advisories/21607
- http://secunia.com/advisories/22065
- http://secunia.com/advisories/22066
- http://securitytracker.com/id?1016202
- http://securitytracker.com/id?1016214
- http://www.debian.org/security/2006/dsa-1118
- http://www.debian.org/security/2006/dsa-1120
- http://www.debian.org/security/2006/dsa-1134
- http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml
- http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml
- http://www.kb.cert.org/vuls/id/243153
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:143
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:145
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:146
- http://www.mozilla.org/security/announce/2006/mfsa2006-35.html
- http://www.novell.com/linux/security/advisories/2006_35_mozilla.html
- http://www.securityfocus.com/archive/1/435795/100/0/threaded
- http://www.securityfocus.com/archive/1/446657/100/200/threaded
- http://www.securityfocus.com/archive/1/446658/100/200/threaded
- http://www.securityfocus.com/bid/18228
- http://www.us-cert.gov/cas/techalerts/TA06-153A.html
- http://www.vupen.com/english/advisories/2006/2106
- http://www.vupen.com/english/advisories/2006/3748
- http://www.vupen.com/english/advisories/2006/3749
- http://www.vupen.com/english/advisories/2008/0083
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26846
- https://usn.ubuntu.com/296-1/
- https://usn.ubuntu.com/296-2/
- https://usn.ubuntu.com/297-1/
- https://usn.ubuntu.com/297-3/
- https://usn.ubuntu.com/323-1/