CVE-2006-3807 — Firefox vulnerability
19 documents7 sources
Severity
7.5HIGHNVD
EPSS
28.9%
top 3.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 27
Latest updateMay 3
Description
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor.
CVSS vector
AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4
Affected Packages6 packages
Patches
🔴Vulnerability Details
2📋Vendor Advisories
6💬Community
10Bugzilla▶
CVE-2006-3801, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3811, CVE-2006-3812: major (public) security flaws fixed in firefox 1.5.0.5↗2006-07-28
Bugzilla▶
major (public) security flaws fixed in firefox 1.5.0.5: CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803,CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3↗2006-07-27
Bugzilla▶
CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-↗2006-07-26