CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
99.9%
A Mozilla Foundation Security Advisory reports of multiple
issues. Several of which can be used to run arbitrary code
with the privilege of the user running the program.
MFSA 2006-56 chrome: scheme loading remote content
MFSA 2006-55 Crashes with evidence of memory corruption
(rv:1.8.0.5)
MFSA 2006-54 XSS with
XPCNativeWrapper(window).Function(…)
MFSA 2006-53 UniversalBrowserRead privilege escalation
MFSA 2006-52 PAC privilege escalation using
Function.prototype.call
MFSA 2006-51 Privilege escalation using named-functions
and redefined “new Object()”
MFSA 2006-50 JavaScript engine vulnerabilities
MFSA 2006-49 Heap buffer overwrite on malformed VCard
MFSA 2006-48 JavaScript new Function race condition
MFSA 2006-47 Native DOM methods can be hijacked across
domains
MFSA 2006-46 Memory corruption with simultaneous events
MFSA 2006-45 Javascript navigator Object Vulnerability
MFSA 2006-44 Code execution through deleted frame
reference
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | firefox | < 1.5.0.5,1 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox | < 1.5.0.5 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox-devel | < 3.0.a2006.07.26 | UNKNOWN |
FreeBSD | any | noarch | seamonkey | < 1.0.3 | UNKNOWN |
FreeBSD | any | noarch | linux-seamonkey | < 1.0.3 | UNKNOWN |
FreeBSD | any | noarch | thunderbird | < 1.5.0.5 | UNKNOWN |
FreeBSD | any | noarch | linux-thunderbird | < 1.5.0.5 | UNKNOWN |
FreeBSD | any | noarch | mozilla-thunderbird | < 1.5.0.5 | UNKNOWN |
www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey1.0.3
www.mozilla.org/security/announce/2006/mfsa2006-44.html
www.mozilla.org/security/announce/2006/mfsa2006-45.html
www.mozilla.org/security/announce/2006/mfsa2006-46.html
www.mozilla.org/security/announce/2006/mfsa2006-47.html
www.mozilla.org/security/announce/2006/mfsa2006-48.html
www.mozilla.org/security/announce/2006/mfsa2006-49.html
www.mozilla.org/security/announce/2006/mfsa2006-50.html
www.mozilla.org/security/announce/2006/mfsa2006-51.html
www.mozilla.org/security/announce/2006/mfsa2006-52.html
www.mozilla.org/security/announce/2006/mfsa2006-53.html
www.mozilla.org/security/announce/2006/mfsa2006-54.html
www.mozilla.org/security/announce/2006/mfsa2006-55.html
www.mozilla.org/security/announce/2006/mfsa2006-56.html