CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
99.9%
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution.
Vendor | Product | Version | CPE |
---|---|---|---|
mozilla | firefox | 1.5 | cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:* |
mozilla | firefox | 1.5.0.1 | cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:* |
mozilla | firefox | 1.5.0.2 | cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:* |
mozilla | firefox | 1.5.0.3 | cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:* |
mozilla | firefox | 1.5.0.4 | cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:* |
mozilla | seamonkey | 1.0 | cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:* |
mozilla | seamonkey | 1.0 | cpe:2.3:a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:* |
mozilla | seamonkey | 1.0.1 | cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:* |
mozilla | seamonkey | 1.0.2 | cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:* |
ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc
rhn.redhat.com/errata/RHSA-2006-0609.html
secunia.com/advisories/19873
secunia.com/advisories/21216
secunia.com/advisories/21229
secunia.com/advisories/21243
secunia.com/advisories/21246
secunia.com/advisories/21262
secunia.com/advisories/21269
secunia.com/advisories/21270
secunia.com/advisories/21336
secunia.com/advisories/21343
secunia.com/advisories/21361
secunia.com/advisories/21529
secunia.com/advisories/21532
secunia.com/advisories/21631
secunia.com/advisories/22066
secunia.com/advisories/22210
security.gentoo.org/glsa/glsa-200608-02.xml
securitytracker.com/id?1016586
securitytracker.com/id?1016587
www.gentoo.org/security/en/glsa/glsa-200608-03.xml
www.kb.cert.org/vuls/id/670060
www.mandriva.com/security/advisories?name=MDKSA-2006:143
www.mandriva.com/security/advisories?name=MDKSA-2006:145
www.mozilla.org/security/announce/2006/mfsa2006-45.html
www.novell.com/linux/security/advisories/2006_48_seamonkey.html
www.redhat.com/support/errata/RHSA-2006-0594.html
www.redhat.com/support/errata/RHSA-2006-0608.html
www.redhat.com/support/errata/RHSA-2006-0610.html
www.redhat.com/support/errata/RHSA-2006-0611.html
www.securityfocus.com/archive/1/441332/100/0/threaded
www.securityfocus.com/archive/1/441333/100/0/threaded
www.securityfocus.com/archive/1/446658/100/200/threaded
www.securityfocus.com/bid/19181
www.securityfocus.com/bid/19192
www.ubuntu.com/usn/usn-354-1
www.us-cert.gov/cas/techalerts/TA06-208A.html
www.vupen.com/english/advisories/2006/2998
www.vupen.com/english/advisories/2006/3748
www.vupen.com/english/advisories/2008/0083
www.zerodayinitiative.com/advisories/ZDI-06-025.html
exchange.xforce.ibmcloud.com/vulnerabilities/27981
exchange.xforce.ibmcloud.com/vulnerabilities/39998
issues.rpath.com/browse/RPL-536
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10745
usn.ubuntu.com/327-1/