Lucene search

RedhatCVE-2006-5747

HistoryNov 08, 2006 - 9:07 p.m.

CVE-2006-5747

2006-11-0821:07:00

redhat

web.nvd.nist.gov

cve-2006-5747

mozilla firefox

thunderbird

seamonkey

remote code execution

javascript

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.2

Confidence

Low

EPSS

0.277

Percentile

96.8%

JSON

Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary code via the XML.prototype.hasOwnProperty JavaScript function.

Affected configurations

Nvd

Node

mozillafirefoxMatch1.5

mozillafirefoxMatch1.5beta1

mozillafirefoxMatch1.5beta2

mozillafirefoxMatch1.5.0.1

mozillafirefoxMatch1.5.0.2

mozillafirefoxMatch1.5.0.3

mozillafirefoxMatch1.5.0.4

mozillafirefoxMatch1.5.0.5

mozillafirefoxMatch1.5.0.6

mozillafirefoxMatch1.5.0.7

mozillaseamonkeyMatch1.0

mozillaseamonkeyMatch1.0dev

mozillaseamonkeyMatch1.0.1

mozillaseamonkeyMatch1.0.2

mozillaseamonkeyMatch1.0.3

mozillaseamonkeyMatch1.0.5

mozillathunderbirdMatch1.0

mozillathunderbirdMatch1.0.1

mozillathunderbirdMatch1.0.2

mozillathunderbirdMatch1.0.5

mozillathunderbirdMatch1.0.6

mozillathunderbirdMatch1.0.7

mozillathunderbirdMatch1.0.8

mozillathunderbirdMatch1.5

mozillathunderbirdMatch1.5beta2

mozillathunderbirdMatch1.5.0.1

mozillathunderbirdMatch1.5.0.2

mozillathunderbirdMatch1.5.0.4

mozillathunderbirdMatch1.5.0.7

VendorProductVersionCPE
mozillathunderbird1.0.7cpe:/a:mozilla:thunderbird:1.0.7:::
mozillaseamonkey1.0.1cpe:/a:mozilla:seamonkey:1.0.1:::
mozillafirefox1.5.0.5cpe:/a:mozilla:firefox:1.5.0.5:::
mozillaseamonkey1.0cpe:/a:mozilla:seamonkey:1.0:::
mozillafirefox1.5.0.1cpe:/a:mozilla:firefox:1.5.0.1:::
mozillathunderbird1.0cpe:/a:mozilla:thunderbird:1.0:::
mozillafirefox1.5cpe:/a:mozilla:firefox:1.5:::
mozillafirefox1.5.0.3cpe:/a:mozilla:firefox:1.5.0.3:::
mozillaseamonkey1.0.5cpe:/a:mozilla:seamonkey:1.0.5:::
mozillafirefox1.5cpe:/a:mozilla:firefox:1.5:beta1::

Vendor	Product	Version	CPE
mozilla	thunderbird	1.0.7	cpe:/a:mozilla:thunderbird:1.0.7:::
mozilla	seamonkey	1.0.1	cpe:/a:mozilla:seamonkey:1.0.1:::
mozilla	firefox	1.5.0.5	cpe:/a:mozilla:firefox:1.5.0.5:::
mozilla	seamonkey	1.0	cpe:/a:mozilla:seamonkey:1.0:::
mozilla	firefox	1.5.0.1	cpe:/a:mozilla:firefox:1.5.0.1:::
mozilla	thunderbird	1.0	cpe:/a:mozilla:thunderbird:1.0:::
mozilla	firefox	1.5	cpe:/a:mozilla:firefox:1.5:::
mozilla	firefox	1.5.0.3	cpe:/a:mozilla:firefox:1.5.0.3:::
mozilla	seamonkey	1.0.5	cpe:/a:mozilla:seamonkey:1.0.5:::
mozilla	firefox	1.5	cpe:/a:mozilla:firefox:1.5:beta1::

Rows per page:

1-10 of 281

References

ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P

rhn.redhat.com/errata/RHSA-2006-0733.html

rhn.redhat.com/errata/RHSA-2006-0734.html

rhn.redhat.com/errata/RHSA-2006-0735.html

secunia.com/advisories/22066

secunia.com/advisories/22722

secunia.com/advisories/22727

secunia.com/advisories/22737

secunia.com/advisories/22763

secunia.com/advisories/22770

secunia.com/advisories/22774

secunia.com/advisories/22815

secunia.com/advisories/22817

secunia.com/advisories/22929

secunia.com/advisories/22965

secunia.com/advisories/22980

secunia.com/advisories/23009

secunia.com/advisories/23013

secunia.com/advisories/23263

secunia.com/advisories/23287

secunia.com/advisories/23297

secunia.com/advisories/24711

security.gentoo.org/glsa/glsa-200612-06.xml

security.gentoo.org/glsa/glsa-200612-07.xml

security.gentoo.org/glsa/glsa-200612-08.xml

securitytracker.com/id?1017177

securitytracker.com/id?1017178

securitytracker.com/id?1017179

support.avaya.com/elmodocs2/security/ASA-2006-246.htm

www.kb.cert.org/vuls/id/815432

www.mandriva.com/security/advisories?name=MDKSA-2006:205

www.mandriva.com/security/advisories?name=MDKSA-2006:206

www.mozilla.org/security/announce/2006/mfsa2006-65.html

www.novell.com/linux/security/advisories/2006_68_mozilla.html

www.securityfocus.com/archive/1/451099/100/0/threaded

www.securityfocus.com/bid/20957

www.ubuntu.com/usn/usn-381-1

www.ubuntu.com/usn/usn-382-1

www.us-cert.gov/cas/techalerts/TA06-312A.html

www.vupen.com/english/advisories/2006/3748

www.vupen.com/english/advisories/2006/4387

www.vupen.com/english/advisories/2007/1198

www.vupen.com/english/advisories/2008/0083

www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742

bugzilla.mozilla.org/show_bug.cgi?id=355569

exchange.xforce.ibmcloud.com/vulnerabilities/30093

issues.rpath.com/browse/RPL-765

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11496

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.2

Confidence

Low

EPSS

0.277

Percentile

96.8%

JSON

Related for CVE-2006-5747