CVE - CVE-2006-3803

CVE-ID
CVE-2006-3803	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1016586 URL:http://securitytracker.com/id?1016586 MISC:1016587 URL:http://securitytracker.com/id?1016587 MISC:1016588 URL:http://securitytracker.com/id?1016588 MISC:19181 URL:http://www.securityfocus.com/bid/19181 MISC:19873 URL:http://secunia.com/advisories/19873 MISC:20060703-01-P URL:ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc MISC:20060727 rPSA-2006-0137-1 firefox URL:http://www.securityfocus.com/archive/1/441333/100/0/threaded MISC:21216 URL:http://secunia.com/advisories/21216 MISC:21228 URL:http://secunia.com/advisories/21228 MISC:21229 URL:http://secunia.com/advisories/21229 MISC:21243 URL:http://secunia.com/advisories/21243 MISC:21246 URL:http://secunia.com/advisories/21246 MISC:21250 URL:http://secunia.com/advisories/21250 MISC:21262 URL:http://secunia.com/advisories/21262 MISC:21269 URL:http://secunia.com/advisories/21269 MISC:21270 URL:http://secunia.com/advisories/21270 MISC:21275 URL:http://secunia.com/advisories/21275 MISC:21336 URL:http://secunia.com/advisories/21336 MISC:21343 URL:http://secunia.com/advisories/21343 MISC:21358 URL:http://secunia.com/advisories/21358 MISC:21361 URL:http://secunia.com/advisories/21361 MISC:21529 URL:http://secunia.com/advisories/21529 MISC:21532 URL:http://secunia.com/advisories/21532 MISC:21607 URL:http://secunia.com/advisories/21607 MISC:21631 URL:http://secunia.com/advisories/21631 MISC:22055 URL:http://secunia.com/advisories/22055 MISC:22065 URL:http://secunia.com/advisories/22065 MISC:22066 URL:http://secunia.com/advisories/22066 MISC:22210 URL:http://secunia.com/advisories/22210 MISC:ADV-2006-2998 URL:~~http://www.vupen.com/english/advisories/2006/2998~~ (Obsolete source) MISC:ADV-2006-3748 URL:~~http://www.vupen.com/english/advisories/2006/3748~~ (Obsolete source) MISC:ADV-2006-3749 URL:~~http://www.vupen.com/english/advisories/2006/3749~~ (Obsolete source) MISC:ADV-2008-0083 URL:~~http://www.vupen.com/english/advisories/2008/0083~~ (Obsolete source) MISC:GLSA-200608-02 URL:http://security.gentoo.org/glsa/glsa-200608-02.xml MISC:GLSA-200608-03 URL:http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml MISC:GLSA-200608-04 URL:http://security.gentoo.org/glsa/glsa-200608-04.xml MISC:HPSBUX02153 URL:http://www.securityfocus.com/archive/1/446658/100/200/threaded MISC:HPSBUX02156 URL:http://www.securityfocus.com/archive/1/446657/100/200/threaded MISC:MDKSA-2006:143 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:143~~ (Obsolete source) MISC:MDKSA-2006:145 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:145~~ (Obsolete source) MISC:MDKSA-2006:146 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:146~~ (Obsolete source) MISC:RHSA-2006:0594 URL:http://www.redhat.com/support/errata/RHSA-2006-0594.html MISC:RHSA-2006:0608 URL:http://www.redhat.com/support/errata/RHSA-2006-0608.html MISC:RHSA-2006:0609 URL:http://rhn.redhat.com/errata/RHSA-2006-0609.html MISC:RHSA-2006:0610 URL:http://www.redhat.com/support/errata/RHSA-2006-0610.html MISC:RHSA-2006:0611 URL:http://www.redhat.com/support/errata/RHSA-2006-0611.html MISC:SSRT061181 URL:http://www.securityfocus.com/archive/1/446658/100/200/threaded MISC:SSRT061236 URL:http://www.securityfocus.com/archive/1/446657/100/200/threaded MISC:SUSE-SA:2006:048 URL:http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html MISC:TA06-208A URL:http://www.us-cert.gov/cas/techalerts/TA06-208A.html MISC:USN-327-1 URL:https://usn.ubuntu.com/327-1/ MISC:USN-329-1 URL:https://usn.ubuntu.com/329-1/ MISC:USN-350-1 URL:http://www.ubuntu.com/usn/usn-350-1 MISC:USN-354-1 URL:http://www.ubuntu.com/usn/usn-354-1 MISC:VU#265964 URL:http://www.kb.cert.org/vuls/id/265964 MISC:http://www.mozilla.org/security/announce/2006/mfsa2006-48.html URL:http://www.mozilla.org/security/announce/2006/mfsa2006-48.html MISC:https://issues.rpath.com/browse/RPL-536 URL:https://issues.rpath.com/browse/RPL-536 MISC:https://issues.rpath.com/browse/RPL-537 URL:https://issues.rpath.com/browse/RPL-537 MISC:mozilla-javascript-garbage-race-condition(27984) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/27984 MISC:oval:org.mitre.oval:def:10635 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10635
Assigning CNA
Red Hat, Inc.
Date Record Created
20060724	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20060724)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)