CVE-2006-3806
published 2006-07-27CVE-2006-3806: Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow…
PriorityP431high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
5.36%
91.7th percentile
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 1.5.dfsg+1.5.0.5-1 (sid) | firefox 1.5.dfsg+1.5.0.5-1 (sid) |
| debian | thunderbird | < firefox 1.5.dfsg+1.5.0.5-1 (sid) | firefox 1.5.dfsg+1.5.0.5-1 (sid) |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | seamonkey | — | — |
| mozilla | seamonkey | — | — |
| mozilla | seamonkey | — | — |
| mozilla | thunderbird | — | — |
| mozilla | thunderbird | — | — |
| mozilla | thunderbird | — | — |
| mozilla | thunderbird | >= 0 < 1.5.0.5-1 | 1.5.0.5-1 |
| mozilla | thunderbird | >= 0 < 1.5.0.5-1 | 1.5.0.5-1 |
| mozilla | thunderbird | >= 0 < 1.5.0.5-1 | 1.5.0.5-1 |
| mozilla | thunderbird | >= 0 < 1.5.0.5-1 | 1.5.0.5-1 |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
vendor_redhat7.5HIGH
vendor_ubuntu7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Mozilla vulnerabilities
vendor_ubuntu·2006-10-10·CVSS 7.5
CVE-2006-2788 [HIGH] Mozilla vulnerabilities
Title: Mozilla vulnerabilities
Summary: Mozilla vulnerabilities
Various flaws have been reported that allow an attacker to execute
arbitrary code with user privileges by tricking the user into opening
a malicious URL. (CVE-2006-2788, CVE-2006-3805, CVE-2006-3806,
CVE-2006-3807, CVE-2006-3809, CVE-2006-3811, CVE-2006-4565,
CVE-2006-4568, CVE-2006-4571)
A bug was found in the script handler for automatic proxy
configuration. A malicious proxy could send scripts which could
execute arbitrary code with the user's privileges. (CVE-2006-3808)
The NSS library did not sufficiently check the padding of PKCS #1 v1.5
signatures if the exponent of the public key is 3 (which is widely
used for CAs). This could be exploited to forge valid signatures
without the need of the secret key. (CVE-2006-4340
Ubuntu
Thunderbird vulnerabilities
vendor_ubuntu·2006-09-22·CVSS 7.5
CVE-2006-3113 [HIGH] Thunderbird vulnerabilities
Title: Thunderbird vulnerabilities
Summary: Thunderbird vulnerabilities
This update upgrades Thunderbird from 1.0.8 to 1.5.0.7. This step was
necessary since the 1.0.x series is not supported by upstream any
more.
Various flaws have been reported that allow an attacker to execute
arbitrary code with user privileges by tricking the user into opening
a malicious email containing JavaScript. Please note that JavaScript
is disabled by default for emails, and it is not recommended to enable
it. (CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805,
CVE-2006-3806, CVE-2006-3807, CVE-2006-3809, CVE-2006-3810,
CVE-2006-3811, CVE-2006-3812, CVE-2006-4253, CVE-2006-4565,
CVE-2006-4566, CVE-2006-4571)
A buffer overflow has been discovered in the handling of .vcard files.
By tricking a user
Ubuntu
Thunderbird vulnerabilities
vendor_ubuntu·2006-07-29·CVSS 7.2
CVE-2006-3113 [HIGH] Thunderbird vulnerabilities
Title: Thunderbird vulnerabilities
Summary: Thunderbird vulnerabilities
Various flaws have been reported that allow an attacker to execute
arbitrary code with user privileges by tricking the user into opening
a malicious email containing JavaScript. Please note that JavaScript
is disabled by default for emails, and it is not recommended to enable
it. (CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805,
CVE-2006-3806, CVE-2006-3807, CVE-2006-3809, CVE-2006-3810,
CVE-2006-3811, CVE-2006-3812)
A buffer overflow has been discovered in the handling of .vcard files.
By tricking a user into importing a malicious vcard into his contacts,
this could be exploited to execute arbitrary code with the user's
privileges. (CVE-2006-3084)
The "enigmail" plugin has been updated to work with the
Ubuntu
firefox vulnerabilities
vendor_ubuntu·2006-07-28·CVSS 7.5
CVE-2006-3113 [HIGH] firefox vulnerabilities
Title: firefox vulnerabilities
Summary: firefox vulnerabilities
Various flaws have been reported that allow an attacker to execute
arbitrary code with user privileges by tricking the user into opening
a malicious URL. (CVE-2006-3113, CVE-2006-3677, CVE-2006-3801,
CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807,
CVE-2006-3809, CVE-2006-3811, CVE-2006-3812)
cross-site scripting vulnerabilities were found in the
XPCNativeWrapper() function and native DOM method handlers. A
malicious web site could exploit these to modify the contents or steal
confidential data (such as passwords) from other opened web pages.
(CVE-2006-3802, CVE-2006-3810)
A bug was found in the script handler for automatic proxy
configuration. A malicious proxy could send scripts which could
execute arbitrary c
Red Hat
security flaw
vendor_redhat·2006-07-26·CVSS 7.5
CVE-2006-3806 [HIGH] security flaw
security flaw
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."
Debian
CVE-2006-3806: firefox - Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1....
vendor_debian·2006·CVSS 7.5
CVE-2006-3806 [HIGH] CVE-2006-3806: firefox - Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1....
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."
Scope: local
sid: resolved (fixed in 1.5.dfsg+1.5.0.5-1)
GHSA
GHSA-cwr4-w68c-gmq5: Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1
ghsa_unreviewed·2022-05-03
CVE-2006-3806 [HIGH] GHSA-cwr4-w68c-gmq5: Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."
OSV
CVE-2006-3806: Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1
osv·2006-07-27·CVSS 7.5
CVE-2006-3806 [HIGH] CVE-2006-3806: Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2006-3806 security flaw
bugzilla·2018-08-16·CVSS 7.5
CVE-2006-3806 [HIGH] CVE-2006-3806 security flaw
CVE-2006-3806 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."
Bugzilla
CVE-2006-3801, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3811, CVE-2006-3812: major (public) security flaws fixed in firefox 1.5.0.5
bugzilla·2006-07-28·CVSS 7.5
CVE-2006-3801 [HIGH] CVE-2006-3801, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3811, CVE-2006-3812: major (public) security flaws fixed in firefox 1.5.0.5
CVE-2006-3801, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3811, CVE-2006-3812: major (public) security flaws fixed in firefox 1.5.0.5
+++ This bug was initially created as a clone of Bug #200357 +++
Description of problem: Firefox 1.5.0.4 and earlier has serious security
flaws, patched in 1.5.0.5
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox1.5.0.5
From the link above, I think the following also affect 1.0.8 in FC4:
CVE-2006-3805 : remote code execution via javascript.
CVE-2006-3806 : ditto.
CVE-2006-3807 : looks like a very serious privledge escalation bug for
javascript
CVE-2006-3808 : malicious proxy can execute code with privs it shouldn't have;
note that a malicious proxy can do all sorts of bad things
anyway.
Bugzilla
Seamonkey multiple vulnerabilities: CVE-2006-{3113,3677,3801-3812}
bugzilla·2006-07-27·CVSS 7.5
CVE-2006-3677 [HIGH] Seamonkey multiple vulnerabilities: CVE-2006-{3113,3677,3801-3812}
Seamonkey multiple vulnerabilities: CVE-2006-{3113,3677,3801-3812}
Arbitrary code execution:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3677
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3806
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3807
Denial of service:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3804
All these are reported against seamonkey < 1.0.3. FE[45] and devel affected.
Discussion:
There's more: CVE-2006-3113, CVE-2006-3801, CVE-2006-3802, CVE-2006-3805,
CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811
---
...and CVE-2006-3812
---
See also related Firefox bug #200357
---
Fixed in 1.0.3+ according to upstream.
Bugzilla
major (public) security flaws fixed in firefox 1.5.0.5: CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803,CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3
bugzilla·2006-07-27·CVSS 7.5
CVE-2006-3113 [HIGH] major (public) security flaws fixed in firefox 1.5.0.5: CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803,CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3
major (public) security flaws fixed in firefox 1.5.0.5: CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803,CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812
Description of problem: Firefox 1.5.0.4 and earlier has serious security
flaws, patched in 1.5.0.5
Version-Release number of selected component (if applicable): 1.5.0.4 and earlier
How reproducible: always
Steps to Reproduce:
1. Just use Firefox!
2.
3.
Actual results: Security flaws.
Expected results: No security flaws.
Additional info: See: http://www.mozilla.org/security/announce/
for the dozen or so security announcements from Mozilla, namely,
MFSA 2006-44 through 56.
I left this open for everyone to see since the disclosure is p
Bugzilla
CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-
bugzilla·2006-07-26·CVSS 7.5
CVE-2006-3801 [HIGH] CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-
CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812)
+++ This bug was initially created as a clone of Bug #200167 +++
Several Issues were discovered in Seamonkey, they are expected to be fixed in
the next upstream Seamonkey release
CVE-2006-3807 MFSA 2006-51
CVE-2006-3809 MFSA 2006-53
CVE-2006-3812 MFSA 2006-56
Several flaws were found in the way Seamonkey processes certain javascript
actions. A malicious web page could execute arbitrary javascript
instructions with the permissions of "chrome", allowing the page to steal
sensitive information or install browser malware.
CVE-2006-3801 MFSA 2006-44
CVE-200
Bugzilla
CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-
bugzilla·2006-07-25·CVSS 7.5
CVE-2006-3801 [HIGH] CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-
CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812)
Several Issues were discovered in Seamonkey, they are expected to be fixed in
the next upstream Seamonkey release
CVE-2006-3807 MFSA 2006-51
CVE-2006-3809 MFSA 2006-53
CVE-2006-3812 MFSA 2006-56
Several flaws were found in the way Seamonkey processes certain javascript
actions. A malicious web page could execute arbitrary javascript
instructions with the permissions of "chrome", allowing the page to steal
sensitive information or install browser malware.
CVE-2006-3801 MFSA 2006-44
CVE-2006-3677 MFSA 2006-45
CVE-2006-3113 MFSA 2006-46
CVE-2006-3803 MFSA
Bugzilla
CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-
bugzilla·2006-07-25·CVSS 7.5
CVE-2006-3801 [HIGH] CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-
CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812)
+++ This bug was initially created as a clone of Bug #200161 +++
Several Issues were discovered in Seamonkey, they are expected to be fixed in
the next upstream Seamonkey release
CVE-2006-3807 MFSA 2006-51
CVE-2006-3809 MFSA 2006-53
CVE-2006-3812 MFSA 2006-56
Several flaws were found in the way Seamonkey processes certain javascript
actions. A malicious web page could execute arbitrary javascript
instructions with the permissions of "chrome", allowing the page to steal
sensitive information or install browser malware.
CVE-2006-3801 MFSA 2006-44
CVE-200
Bugzilla
CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-
bugzilla·2006-07-25·CVSS 7.5
CVE-2006-3801 [HIGH] CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-
CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812)
+++ This bug was initially created as a clone of Bug #200161 +++
Several Issues were discovered in Firefox, they are expected to be fixed in
the next upstream Firefox release
CVE-2006-3807 MFSA 2006-51
CVE-2006-3809 MFSA 2006-53
CVE-2006-3812 MFSA 2006-56
Several flaws were found in the way Firefox processes certain javascript
actions. A malicious web page could execute arbitrary javascript
instructions with the permissions of "chrome", allowing the page to steal
sensitive information or install browser malware.
CVE-2006-3801 MFSA 2006-44
CVE-2006-3677 MFSA 2006-45
C
Bugzilla
CVE-2006-3801 Multiple Thunderbird issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-200
bugzilla·2006-07-25·CVSS 7.5
CVE-2006-3801 [HIGH] CVE-2006-3801 Multiple Thunderbird issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-200
CVE-2006-3801 Multiple Thunderbird issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811)
+++ This bug was initially created as a clone of Bug #200161 +++
Several Issues were discovered in Thunderbird, they are expected to be fixed in
the next upstream Seamonkey release
CVE-2006-3807 MFSA 2006-51
CVE-2006-3809 MFSA 2006-53
Several flaws were found in the way Thunderbird processes certain javascript
actions. A malicious web page could execute arbitrary javascript
instructions with the permissions of "chrome", allowing the page to steal
sensitive information or install browser malware.
CVE-2006-3801 MFSA 2006-44
CVE-2006-3677 MFSA 2006-45
CVE-2006-3113 MF
Bugzilla
CVE-2006-2779 Multiple Mozilla, Firefox issues (CVE-2006-2781, CVE-2006-2788)
bugzilla·2006-06-08·CVSS 9.3
CVE-2006-2779 [CRITICAL] CVE-2006-2779 Multiple Mozilla, Firefox issues (CVE-2006-2781, CVE-2006-2788)
CVE-2006-2779 Multiple Mozilla, Firefox issues (CVE-2006-2781, CVE-2006-2788)
+++ This bug was initially created as a clone of Bug #193906 +++
Text stolen from MITRE:
CVE-2006-2781
Double-free vulnerability in Mozilla Thunderbird before 1.5.0.4 and
SeaMonkey before 1.0.2 allows remote attackers to cause a denial of
service (hang) and possibly execute arbitrary code via a VCard that
contains invalid base64 characters.
CVE-2006-2779
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers
to cause a denial of service (crash) and possibly execute arbitrary
code via (1) nested tags in a select tag, (2) a
DOMNodeRemoved mutation event, (3) "Content-implemented tree views,"
(4) BoxObjects, (5) the XBL implementation, (6) an iframe that
attempts to remove itself, which leads to m
Bugzilla
CVE-2005-3806 ipv6 DOS
bugzilla·2005-11-24·CVSS 6.6
CVE-2005-3806 [MEDIUM] CVE-2005-3806 ipv6 DOS
CVE-2005-3806 ipv6 DOS
A typo in IPv6 flowlabel handling code in Linux kernels 2.4 up
to 2.4.32 and 2.6 before 2.6.14 could be used by a local
attacker to cause the kernel free non-allocated memory and in
turn corrupt kernel memory and/or crash the machine.
Fixed upstream by:
http://linux.bkbits.net:8080/linux-2.6/cset@435ebd2095VXAPIHGRQXkibspCvlPw
This issue affects kernels 2.4 as well as 2.6 up to 2.6.14
Discussion:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata/RHSA-2006-
ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.aschttp://rhn.redhat.com/errata/RHSA-2006-0609.htmlhttp://secunia.com/advisories/19873http://secunia.com/advisories/21216http://secunia.com/advisories/21228http://secunia.com/advisories/21229http://secunia.com/advisories/21243http://secunia.com/advisories/21246http://secunia.com/advisories/21250http://secunia.com/advisories/21262http://secunia.com/advisories/21269http://secunia.com/advisories/21270http://secunia.com/advisories/21275http://secunia.com/advisories/21336http://secunia.com/advisories/21343http://secunia.com/advisories/21358http://secunia.com/advisories/21361http://secunia.com/advisories/21529http://secunia.com/advisories/21532http://secunia.com/advisories/21607http://secunia.com/advisories/21631http://secunia.com/advisories/21634http://secunia.com/advisories/21654http://secunia.com/advisories/21675http://secunia.com/advisories/22055http://secunia.com/advisories/22065http://secunia.com/advisories/22066http://secunia.com/advisories/22210http://secunia.com/advisories/22342http://security.gentoo.org/glsa/glsa-200608-02.xmlhttp://security.gentoo.org/glsa/glsa-200608-04.xmlhttp://securitytracker.com/id?1016586http://securitytracker.com/id?1016587http://securitytracker.com/id?1016588http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1http://www.debian.org/security/2006/dsa-1159http://www.debian.org/security/2006/dsa-1160http://www.debian.org/security/2006/dsa-1161http://www.gentoo.org/security/en/glsa/glsa-200608-03.xmlhttp://www.kb.cert.org/vuls/id/655892http://www.mandriva.com/security/advisories?name=MDKSA-2006:143http://www.mandriva.com/security/advisories?name=MDKSA-2006:145http://www.mandriva.com/security/advisories?name=MDKSA-2006:146http://www.mozilla.org/security/announce/2006/mfsa2006-50.htmlhttp://www.novell.com/linux/security/advisories/2006_48_seamonkey.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0594.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0608.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0610.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0611.htmlhttp://www.securityfocus.com/archive/1/441333/100/0/threadedhttp://www.securityfocus.com/archive/1/446657/100/200/threadedhttp://www.securityfocus.com/archive/1/446658/100/200/threadedhttp://www.securityfocus.com/bid/19181http://www.ubuntu.com/usn/usn-350-1http://www.ubuntu.com/usn/usn-354-1http://www.ubuntu.com/usn/usn-361-1http://www.us-cert.gov/cas/techalerts/TA06-208A.htmlhttp://www.vupen.com/english/advisories/2006/2998http://www.vupen.com/english/advisories/2006/3748http://www.vupen.com/english/advisories/2006/3749http://www.vupen.com/english/advisories/2007/0058http://www.vupen.com/english/advisories/2008/0083https://exchange.xforce.ibmcloud.com/vulnerabilities/27987https://issues.rpath.com/browse/RPL-536https://issues.rpath.com/browse/RPL-537https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11232https://usn.ubuntu.com/327-1/https://usn.ubuntu.com/329-1/ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.aschttp://rhn.redhat.com/errata/RHSA-2006-0609.htmlhttp://secunia.com/advisories/19873http://secunia.com/advisories/21216http://secunia.com/advisories/21228http://secunia.com/advisories/21229http://secunia.com/advisories/21243http://secunia.com/advisories/21246http://secunia.com/advisories/21250http://secunia.com/advisories/21262http://secunia.com/advisories/21269http://secunia.com/advisories/21270http://secunia.com/advisories/21275http://secunia.com/advisories/21336http://secunia.com/advisories/21343http://secunia.com/advisories/21358http://secunia.com/advisories/21361http://secunia.com/advisories/21529http://secunia.com/advisories/21532http://secunia.com/advisories/21607http://secunia.com/advisories/21631http://secunia.com/advisories/21634http://secunia.com/advisories/21654http://secunia.com/advisories/21675http://secunia.com/advisories/22055http://secunia.com/advisories/22065http://secunia.com/advisories/22066http://secunia.com/advisories/22210http://secunia.com/advisories/22342http://security.gentoo.org/glsa/glsa-200608-02.xmlhttp://security.gentoo.org/glsa/glsa-200608-04.xmlhttp://securitytracker.com/id?1016586
+ 36 more references
2006-07-27
Published