CVE-2006-3677
First published: Thu Jul 27 2006(Updated: )
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla SeaMonkey | =1.0.1 | |
| Mozilla Firefox | =1.5.0.3 | |
| Mozilla SeaMonkey | =1.0 | |
| Mozilla Firefox | =1.5 | |
| Mozilla SeaMonkey | =1.0.2 | |
| Mozilla Firefox | =1.5.0.2 | |
| Mozilla SeaMonkey | =1.0 | |
| Mozilla Firefox | =1.5.0.4 | |
| Mozilla Firefox | =1.5.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.zerodayinitiative.com/advisories/ZDI-06-025.html
- http://www.kb.cert.org/vuls/id/670060
- http://www.mozilla.org/security/announce/2006/mfsa2006-45.html
- https://issues.rpath.com/browse/RPL-536
- http://www.securityfocus.com/bid/19181
- http://www.securityfocus.com/bid/19192
- http://securitytracker.com/id?1016586
- http://securitytracker.com/id?1016587
- http://secunia.com/advisories/19873
- http://secunia.com/advisories/21216
- http://secunia.com/advisories/21229
- http://www.redhat.com/support/errata/RHSA-2006-0608.html
- http://www.us-cert.gov/cas/techalerts/TA06-208A.html
- http://secunia.com/advisories/21246
- http://www.redhat.com/support/errata/RHSA-2006-0610.html
- http://www.redhat.com/support/errata/RHSA-2006-0611.html
- http://secunia.com/advisories/21243
- http://secunia.com/advisories/21269
- http://secunia.com/advisories/21270
- http://security.gentoo.org/glsa/glsa-200608-02.xml
- http://rhn.redhat.com/errata/RHSA-2006-0609.html
- http://secunia.com/advisories/21336
- http://secunia.com/advisories/21361
- http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml
- http://secunia.com/advisories/21262
- http://secunia.com/advisories/21343
- http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html
- http://secunia.com/advisories/21529
- http://secunia.com/advisories/21532
- http://www.redhat.com/support/errata/RHSA-2006-0594.html
- http://secunia.com/advisories/21631
- http://www.ubuntu.com/usn/usn-354-1
- http://secunia.com/advisories/22210
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:143
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:145
- http://secunia.com/advisories/22066
- http://www.vupen.com/english/advisories/2008/0083
- http://www.vupen.com/english/advisories/2006/3748
- http://www.vupen.com/english/advisories/2006/2998
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39998
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27981
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10745
- https://usn.ubuntu.com/327-1/
- http://www.securityfocus.com/archive/1/446658/100/200/threaded
- http://www.securityfocus.com/archive/1/441333/100/0/threaded
- http://www.securityfocus.com/archive/1/441332/100/0/threaded
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/references
- agent/author
- agent/type
- agent/event
- agent/severity
- agent/weakness
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/mozilla
- canonical/mozilla seamonkey
- version/mozilla seamonkey/1.0.1
- canonical/mozilla firefox
- version/mozilla firefox/1.5.0.3
- version/mozilla seamonkey/1.0
- version/mozilla firefox/1.5
- version/mozilla seamonkey/1.0.2
- version/mozilla firefox/1.5.0.2
- version/mozilla firefox/1.5.0.4
- version/mozilla firefox/1.5.0.1