7.5

CVE-2006-3677

EPSS 81.11%
Published 27.07.2006 19:04:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution.

Affected products Warnungen 0 Metrics 2 CWE 0 References 50

Data is provided by the National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version1.5

Mozilla ≫ Firefox Version1.5.0.1

Mozilla ≫ Firefox Version1.5.0.2

Mozilla ≫ Firefox Version1.5.0.3

Mozilla ≫ Firefox Version1.5.0.4

Mozilla ≫ Seamonkey Version1.0

Mozilla ≫ Seamonkey Version1.0 Editiondev

Mozilla ≫ Seamonkey Version1.0.1

Mozilla ≫ Seamonkey Version1.0.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	81.11%	0.991

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc

http://secunia.com/advisories/21262

Vendor Advisory

http://secunia.com/advisories/22066

Vendor Advisory

http://www.securityfocus.com/archive/1/446658/100/200/threaded

http://www.vupen.com/english/advisories/2006/3748

Vendor Advisory

http://www.vupen.com/english/advisories/2008/0083

Vendor Advisory

http://secunia.com/advisories/21532

Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2006:143

http://www.mandriva.com/security/advisories?name=MDKSA-2006:145

http://rhn.redhat.com/errata/RHSA-2006-0609.html

Vendor Advisory

http://secunia.com/advisories/21269

Vendor Advisory

http://secunia.com/advisories/21270

Vendor Advisory

http://secunia.com/advisories/21336

Vendor Advisory

http://secunia.com/advisories/21631

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2006-0594.html

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2006-0610.html

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2006-0611.html

Vendor Advisory

http://www.us-cert.gov/cas/techalerts/TA06-208A.html

US Government Resource

http://secunia.com/advisories/19873

Patch

Vendor Advisory

http://secunia.com/advisories/21216

Patch

Vendor Advisory

http://secunia.com/advisories/21229

Patch

Vendor Advisory

http://secunia.com/advisories/21243

Vendor Advisory

http://secunia.com/advisories/21246

Vendor Advisory

http://secunia.com/advisories/21343

Vendor Advisory

http://secunia.com/advisories/21361

Vendor Advisory

http://secunia.com/advisories/21529

Vendor Advisory

http://secunia.com/advisories/22210

Vendor Advisory

http://security.gentoo.org/glsa/glsa-200608-02.xml

http://securitytracker.com/id?1016586

http://securitytracker.com/id?1016587

http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml

http://www.kb.cert.org/vuls/id/670060

Third Party Advisory

US Government Resource

http://www.mozilla.org/security/announce/2006/mfsa2006-45.html

Vendor Advisory

http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html

http://www.redhat.com/support/errata/RHSA-2006-0608.html

Vendor Advisory

http://www.securityfocus.com/archive/1/441332/100/0/threaded

http://www.securityfocus.com/archive/1/441333/100/0/threaded

http://www.securityfocus.com/bid/19181

http://www.securityfocus.com/bid/19192

Patch

http://www.ubuntu.com/usn/usn-354-1

http://www.vupen.com/english/advisories/2006/2998

Vendor Advisory

http://www.zerodayinitiative.com/advisories/ZDI-06-025.html

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/27981

https://exchange.xforce.ibmcloud.com/vulnerabilities/39998

https://issues.rpath.com/browse/RPL-536

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10745

https://usn.ubuntu.com/327-1/

https://nvd.nist.gov/vuln/detail/CVE-2006-3677

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-3677

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-3677

EUVD