9.3

CVE-2006-1726

Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForEach method.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MozillaFirefox Version1.0
MozillaFirefox Version1.0.1
MozillaFirefox Version1.0.2
MozillaFirefox Version1.0.3
MozillaFirefox Version1.0.4
MozillaFirefox Version1.0.5
MozillaFirefox Version1.0.6
MozillaFirefox Version1.0.7
MozillaFirefox Version1.5
MozillaFirefox Version1.5 Updatebeta1
MozillaFirefox Version1.5 Updatebeta2
MozillaFirefox Version1.5.0.1
MozillaFirefox Versionpreview_release
MozillaSeamonkey Version1.0 Editionalpha
MozillaSeamonkey Version1.0 Updatebeta
MozillaThunderbird Version1.0
MozillaThunderbird Version1.0.1
MozillaThunderbird Version1.0.2
MozillaThunderbird Version1.0.3
MozillaThunderbird Version1.0.4
MozillaThunderbird Version1.0.5
MozillaThunderbird Version1.0.5 Updatebeta
MozillaThunderbird Version1.0.6
MozillaThunderbird Version1.0.7
MozillaThunderbird Version1.5
MozillaThunderbird Version1.5 Updatebeta2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 6.71% 0.931
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/22065
Vendor Advisory
http://www.securityfocus.com/archive/1/446657/100/200/threaded
http://www.vupen.com/english/advisories/2006/3749
http://www.securityfocus.com/bid/17516
http://www.vupen.com/english/advisories/2006/1356
http://secunia.com/advisories/22066
Vendor Advisory
http://www.securityfocus.com/archive/1/446658/100/200/threaded
http://www.vupen.com/english/advisories/2006/3748
http://www.vupen.com/english/advisories/2008/0083
http://secunia.com/advisories/19631
Vendor Advisory
http://www.securityfocus.com/archive/1/434524/100/0/threaded
http://www.us-cert.gov/cas/techalerts/TA06-107A.html
US Government Resource
http://secunia.com/advisories/19649
Vendor Advisory
http://securitytracker.com/id?1015931
http://securitytracker.com/id?1015932
http://securitytracker.com/id?1015933
http://www.kb.cert.org/vuls/id/968814
US Government Resource
http://www.mozilla.org/security/announce/2006/mfsa2006-28.html
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/25825
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1968