Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2006-3806

Опубликовано: 27 июл. 2006
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 7.5

Описание

Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."

РелизСтатусПримечание
dapper

released

1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1
edgy

not-affected

feisty

not-affected

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

3.0~alpha7-0ubuntu6
edgy

DNE

feisty

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

0.5-0ubuntu4
edgy

DNE

feisty

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

0.1.6b-0ubuntu2
edgy

DNE

feisty

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

released

1.5.0.13-0ubuntu0.6.06
devel

DNE

edgy

released

1.5.0.13-0ubuntu0.6.10
feisty

released

1.5.0.13-0ubuntu0.7.04
upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.8.0.5-4.2
edgy

released

1.8.0.5-4.2
feisty

released

1.8.0.5-4.2
upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 96%
0.29557
Средний

7.5 High

CVSS2

Связанные уязвимости

redhat логотип

CVE-2006-3806

redhat
около 19 лет назад

Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."

nvd логотип

CVE-2006-3806

nvd
около 19 лет назад

Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."

debian логотип

CVE-2006-3806

debian
около 19 лет назад

Multiple integer overflows in the Javascript engine in Mozilla Firefox ...

github логотип

GHSA-cwr4-w68c-gmq5

github
больше 3 лет назад

Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."

EPSS

Процентиль: 96%
0.29557
Средний

7.5 High

CVSS2