6.8
CVE-2006-1733
- EPSS 24.27%
- Veröffentlicht 14.04.2006 10:02:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle secalert@redhat.com
- Teams Watchlist Login
- Unerledigt Login
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute arbitrary code via the (1) valueOf.call or (2) valueOf.apply methods of an XBL binding, or (3) "by inserting an XBL method into the DOM's document.body prototype chain."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mozilla ≫ Mozilla Suite Version <= 1.7.12
Mozilla ≫ Mozilla Suite Version1.7.6
Mozilla ≫ Mozilla Suite Version1.7.7
Mozilla ≫ Mozilla Suite Version1.7.8
Mozilla ≫ Mozilla Suite Version1.7.10
Mozilla ≫ Mozilla Suite Version1.7.11
Mozilla ≫ Thunderbird Version <= 1.0.7
Mozilla ≫ Thunderbird Version1.0
Mozilla ≫ Thunderbird Version1.0.1
Mozilla ≫ Thunderbird Version1.0.2
Mozilla ≫ Thunderbird Version1.0.3
Mozilla ≫ Thunderbird Version1.0.4
Mozilla ≫ Thunderbird Version1.0.5
Mozilla ≫ Thunderbird Version1.0.5 Updatebeta
Mozilla ≫ Thunderbird Version1.0.6
Mozilla ≫ Thunderbird Version1.5
Mozilla ≫ Thunderbird Version1.5 Updatebeta2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 24.27% | 0.956 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|