5.1

CVE-2006-3803

EPSS 23.45%
Published 27.07.2006 19:04:00
Last modified 03.04.2025 01:03:51
Source secalert@redhat.com
Teams watchlist Login
Open Login

Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object.

Affected products Warnungen 0 Metrics 2 CWE 0 References 61

Data is provided by the National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version1.5

Mozilla ≫ Firefox Version1.5.0.1

Mozilla ≫ Firefox Version1.5.0.2

Mozilla ≫ Firefox Version1.5.0.3

Mozilla ≫ Firefox Version1.5.0.4

Mozilla ≫ Seamonkey Version1.0

Mozilla ≫ Seamonkey Version1.0 Editiondev

Mozilla ≫ Seamonkey Version1.0.1

Mozilla ≫ Seamonkey Version1.0.2

Mozilla ≫ Thunderbird Version1.5

Mozilla ≫ Thunderbird Version1.5.0.2

Mozilla ≫ Thunderbird Version1.5.0.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	23.45%	0.955

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.1	4.9	6.4	AV:N/AC:H/Au:N/C:P/I:P/A:P

ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc

http://secunia.com/advisories/21262

http://secunia.com/advisories/22065

http://www.securityfocus.com/archive/1/446657/100/200/threaded

http://www.vupen.com/english/advisories/2006/3749

http://secunia.com/advisories/22066

http://www.securityfocus.com/archive/1/446658/100/200/threaded

http://www.vupen.com/english/advisories/2006/3748

http://www.vupen.com/english/advisories/2008/0083

http://secunia.com/advisories/21532

http://www.mandriva.com/security/advisories?name=MDKSA-2006:143

http://www.mandriva.com/security/advisories?name=MDKSA-2006:145

http://secunia.com/advisories/21607

http://www.mandriva.com/security/advisories?name=MDKSA-2006:146

http://rhn.redhat.com/errata/RHSA-2006-0609.html

http://secunia.com/advisories/21269

http://secunia.com/advisories/21270

http://secunia.com/advisories/21336

http://secunia.com/advisories/21631

http://www.redhat.com/support/errata/RHSA-2006-0594.html

http://www.redhat.com/support/errata/RHSA-2006-0610.html

http://www.redhat.com/support/errata/RHSA-2006-0611.html

http://www.us-cert.gov/cas/techalerts/TA06-208A.html

US Government Resource

http://secunia.com/advisories/19873

Patch

Vendor Advisory

http://secunia.com/advisories/21216

Patch

Vendor Advisory

http://secunia.com/advisories/21229

Patch

Vendor Advisory

http://secunia.com/advisories/21243

http://secunia.com/advisories/21246

http://secunia.com/advisories/21343

http://secunia.com/advisories/21361

http://secunia.com/advisories/21529

http://secunia.com/advisories/22210

http://security.gentoo.org/glsa/glsa-200608-02.xml

http://securitytracker.com/id?1016586

http://securitytracker.com/id?1016587

http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml

http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html

http://www.redhat.com/support/errata/RHSA-2006-0608.html

http://www.securityfocus.com/archive/1/441333/100/0/threaded

http://www.securityfocus.com/bid/19181

Patch

http://www.ubuntu.com/usn/usn-354-1

http://www.vupen.com/english/advisories/2006/2998

https://issues.rpath.com/browse/RPL-536

https://usn.ubuntu.com/327-1/

http://secunia.com/advisories/21228

Patch

Vendor Advisory

http://secunia.com/advisories/21250

http://secunia.com/advisories/21275

http://secunia.com/advisories/21358

http://secunia.com/advisories/22055

http://security.gentoo.org/glsa/glsa-200608-04.xml

http://securitytracker.com/id?1016588

http://www.kb.cert.org/vuls/id/265964

Third Party Advisory

US Government Resource

http://www.mozilla.org/security/announce/2006/mfsa2006-48.html

http://www.ubuntu.com/usn/usn-350-1

https://exchange.xforce.ibmcloud.com/vulnerabilities/27984

https://issues.rpath.com/browse/RPL-537

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10635

https://usn.ubuntu.com/329-1/

https://nvd.nist.gov/vuln/detail/CVE-2006-3803

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-3803

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-3803

EUVD