7.5

CVE-2006-3809

EPSS 2.96%
Veröffentlicht 27.07.2006 20:04:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a privileged context.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 67

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version1.5

Mozilla ≫ Firefox Version1.5.0.1

Mozilla ≫ Firefox Version1.5.0.2

Mozilla ≫ Firefox Version1.5.0.3

Mozilla ≫ Firefox Version1.5.0.4

Mozilla ≫ Seamonkey Version1.0

Mozilla ≫ Seamonkey Version1.0 Editiondev

Mozilla ≫ Seamonkey Version1.0.1

Mozilla ≫ Seamonkey Version1.0.2

Mozilla ≫ Thunderbird Version1.5

Mozilla ≫ Thunderbird Version1.5.0.2

Mozilla ≫ Thunderbird Version1.5.0.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	2.96%	0.852

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc

http://secunia.com/advisories/21262

http://secunia.com/advisories/22065

http://www.securityfocus.com/archive/1/446657/100/200/threaded

http://www.vupen.com/english/advisories/2006/3749

http://secunia.com/advisories/22066

http://www.securityfocus.com/archive/1/446658/100/200/threaded

http://www.vupen.com/english/advisories/2006/3748

http://www.vupen.com/english/advisories/2008/0083

http://secunia.com/advisories/21532

http://www.mandriva.com/security/advisories?name=MDKSA-2006:143

http://www.mandriva.com/security/advisories?name=MDKSA-2006:145

http://secunia.com/advisories/21607

http://www.mandriva.com/security/advisories?name=MDKSA-2006:146

http://rhn.redhat.com/errata/RHSA-2006-0609.html

http://secunia.com/advisories/21269

http://secunia.com/advisories/21270

http://secunia.com/advisories/21336

http://secunia.com/advisories/21631

http://www.redhat.com/support/errata/RHSA-2006-0594.html

http://www.redhat.com/support/errata/RHSA-2006-0610.html

http://www.redhat.com/support/errata/RHSA-2006-0611.html

http://secunia.com/advisories/21634

http://secunia.com/advisories/21654

http://www.debian.org/security/2006/dsa-1159

http://www.debian.org/security/2006/dsa-1160

http://secunia.com/advisories/22342

http://www.ubuntu.com/usn/usn-361-1

http://secunia.com/advisories/19873

Patch

Vendor Advisory

http://secunia.com/advisories/21216

Patch

Vendor Advisory

http://secunia.com/advisories/21229

Patch

Vendor Advisory

http://secunia.com/advisories/21243

http://secunia.com/advisories/21246

http://secunia.com/advisories/21343

http://secunia.com/advisories/21361

http://secunia.com/advisories/21529

http://secunia.com/advisories/22210

http://security.gentoo.org/glsa/glsa-200608-02.xml

http://securitytracker.com/id?1016586

http://securitytracker.com/id?1016587

http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml

http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html

http://www.redhat.com/support/errata/RHSA-2006-0608.html

http://www.securityfocus.com/archive/1/441333/100/0/threaded

http://www.securityfocus.com/bid/19181

Patch

http://www.ubuntu.com/usn/usn-354-1

http://www.vupen.com/english/advisories/2006/2998

https://issues.rpath.com/browse/RPL-536

https://usn.ubuntu.com/327-1/

http://secunia.com/advisories/21228

Patch

Vendor Advisory

http://secunia.com/advisories/21250

http://secunia.com/advisories/21275

http://secunia.com/advisories/21358

http://secunia.com/advisories/22055

http://security.gentoo.org/glsa/glsa-200608-04.xml

http://securitytracker.com/id?1016588

http://www.ubuntu.com/usn/usn-350-1

https://issues.rpath.com/browse/RPL-537

https://usn.ubuntu.com/329-1/

http://secunia.com/advisories/21675

http://www.debian.org/security/2006/dsa-1161

http://www.mozilla.org/security/announce/2006/mfsa2006-53.html

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/27990

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9753

https://nvd.nist.gov/vuln/detail/CVE-2006-3809

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-3809

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-3809

EUVD