CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
92.7%
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey
before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain
UniversalXPConnect privileges and possibly execute code or obtain sensitive
data by reading into a privileged context.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | firefox | < 1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1 | UNKNOWN |
ubuntu | 6.06 | noarch | mozilla-thunderbird | < 1.5.0.13-0ubuntu0.6.06 | UNKNOWN |
ubuntu | 6.10 | noarch | mozilla-thunderbird | < 1.5.0.13-0ubuntu0.6.10 | UNKNOWN |
ubuntu | 7.04 | noarch | mozilla-thunderbird | < 1.5.0.13-0ubuntu0.7.04 | UNKNOWN |
ubuntu | 6.10 | noarch | xulrunner | < 1.8.0.5-4.2 | UNKNOWN |
ubuntu | 7.04 | noarch | xulrunner | < 1.8.0.5-4.2 | UNKNOWN |
launchpad.net/bugs/cve/CVE-2006-3809
nvd.nist.gov/vuln/detail/CVE-2006-3809
security-tracker.debian.org/tracker/CVE-2006-3809
ubuntu.com/security/notices/USN-327-1
ubuntu.com/security/notices/USN-329-1
ubuntu.com/security/notices/USN-350-1
ubuntu.com/security/notices/USN-361-1
www.cve.org/CVERecord?id=CVE-2006-3809