CVE-2006-2787Firefox vulnerability

16 documents7 sources
Severity
9.3CRITICALNVD
EPSS
9.2%
top 7.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Mozilla ThunderbirdDebian FirefoxDebian Thunderbird+1 more
Timeline
PublishedJun 2
Latest updateMay 1

Description

EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages5 packages

Debianmozilla/thunderbird< 1.5.0.4-1+3
NVDmozilla/firefox11 versions+10
NVDmozilla/thunderbird9 versions+8
debiandebian/firefox< firefox 1.5.dfsg+1.5.0.4-1 (sid)
debiandebian/thunderbird< firefox 1.5.dfsg+1.5.0.4-1 (sid)

🔴Vulnerability Details

2
GHSA
GHSA-5cpr-8f75-c2g3: EvalInSandbox in Mozilla Firefox and Thunderbird before 12022-05-01
OSV
CVE-2006-2787: EvalInSandbox in Mozilla Firefox and Thunderbird before 12006-06-02

📋Vendor Advisories

7
Ubuntu
mozilla vulnerabilities2006-07-26
Ubuntu
Thunderbird vulnerabilities2006-07-26
Ubuntu
Firefox vulnerabilities2006-07-25
Ubuntu
Thunderbird vulnerabilities2006-06-14
Ubuntu
firefox vulnerabilities2006-06-09

💬Community

6
Bugzilla
CVE-2006-2787 security flaw2018-08-16
Bugzilla
CVE-2006-2783 multiple Seamonkey issues (CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788)2006-07-12
Bugzilla
CVE-2006-2779 multiple Thunderbird issues (CVE-2006-2780, CVE-2006-2781, CVE-2006-2783,CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788)2006-06-28
Bugzilla
CVE-2006-2783 multiple Seamonkey issues (CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788)2006-06-27
Bugzilla
CVE-2006-2783 multiple Seamonkey issues (CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788)2006-06-27