Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2006-3807

Опубликовано: 27 июл. 2006
Источник: ubuntu
Приоритет: untriaged
EPSS Средний
CVSS2: 7.5

Описание

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor.

РелизСтатусПримечание
dapper

released

1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1
edgy

not-affected

feisty

not-affected

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

3.0~alpha7-0ubuntu6
edgy

DNE

feisty

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

0.5-0ubuntu4
edgy

DNE

feisty

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

0.1.6b-0ubuntu2
edgy

DNE

feisty

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

released

1.5.0.13-0ubuntu0.6.06
devel

DNE

edgy

released

1.5.0.13-0ubuntu0.6.10
feisty

released

1.5.0.13-0ubuntu0.7.04
upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.8.0.5-4.2
edgy

released

1.8.0.5-4.2
feisty

released

1.8.0.5-4.2
upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 96%
0.2749
Средний

7.5 High

CVSS2

Связанные уязвимости

redhat логотип

CVE-2006-3807

redhat
около 19 лет назад

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor.

nvd логотип

CVE-2006-3807

nvd
около 19 лет назад

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor.

debian логотип

CVE-2006-3807

debian
около 19 лет назад

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ...

github логотип

GHSA-7x5c-m92f-jxjp

github
больше 3 лет назад

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor.

EPSS

Процентиль: 96%
0.2749
Средний

7.5 High

CVSS2