CVE-2006-3811 — Out-of-bounds Write in Firefox

19 documents7 sources

Severity

7.5HIGHNVD

EPSS

19.0%

top 4.67%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Thunderbird Debian Firefox Debian Thunderbird +2 more

Timeline

PublishedJul 27

Latest updateMay 3

Description

Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references t…

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages6 packages

▶Debianmozilla/thunderbird< 1.5.0.5-1+3

▶NVDmozilla/firefox5 versions+4

▶NVDmozilla/seamonkey1.0, 1.0.1, 1.0.2+2

▶NVDmozilla/thunderbird1.5, 1.5.0.2, 1.5.0.4+2

▶debiandebian/firefox< firefox 1.5.dfsg+1.5.0.5-1 (sid)

Patches

Patch: secunia.com ↗Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-gjxm-326v-65c3: Multiple vulnerabilities in Mozilla Firefox before 1↗2022-05-03

▶

OSV

CVE-2006-3811: Multiple vulnerabilities in Mozilla Firefox before 1↗2006-07-27

▶

📋Vendor Advisories

Ubuntu

Mozilla vulnerabilities↗2006-10-10

▶

Ubuntu

Thunderbird vulnerabilities↗2006-09-22

▶

Ubuntu

Thunderbird vulnerabilities↗2006-07-29

▶

Ubuntu

firefox vulnerabilities↗2006-07-28

▶

Red Hat

security flaw↗2006-07-26

▶

💬Community

Bugzilla

CVE-2006-3811 security flaw↗2018-08-16

▶

Bugzilla

CVE-2006-3801, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3811, CVE-2006-3812: major (public) security flaws fixed in firefox 1.5.0.5↗2006-07-28

▶

Bugzilla

Seamonkey multiple vulnerabilities: CVE-2006-{3113,3677,3801-3812}↗2006-07-27

▶

Bugzilla

major (public) security flaws fixed in firefox 1.5.0.5: CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803,CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3↗2006-07-27

▶

Bugzilla

CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-↗2006-07-26

▶