CVE - CVE-2006-3806

CVE-ID
CVE-2006-3806	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BUGTRAQ:20060727 rPSA-2006-0137-1 firefox URL:http://www.securityfocus.com/archive/1/441333/100/0/threaded CONFIRM:http://www.mozilla.org/security/announce/2006/mfsa2006-50.html CONFIRM:https://issues.rpath.com/browse/RPL-536 CONFIRM:https://issues.rpath.com/browse/RPL-537 DEBIAN:DSA-1159 URL:http://www.debian.org/security/2006/dsa-1159 DEBIAN:DSA-1160 URL:http://www.debian.org/security/2006/dsa-1160 DEBIAN:DSA-1161 URL:http://www.debian.org/security/2006/dsa-1161 GENTOO:GLSA-200608-02 URL:http://security.gentoo.org/glsa/glsa-200608-02.xml GENTOO:GLSA-200608-04 URL:http://security.gentoo.org/glsa/glsa-200608-04.xml GENTOO:GLSA-200608-03 URL:http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml HP:HPSBUX02153 URL:http://www.securityfocus.com/archive/1/446658/100/200/threaded HP:SSRT061181 URL:http://www.securityfocus.com/archive/1/446658/100/200/threaded HP:HPSBUX02156 URL:http://www.securityfocus.com/archive/1/446657/100/200/threaded HP:SSRT061236 URL:http://www.securityfocus.com/archive/1/446657/100/200/threaded MANDRIVA:MDKSA-2006:143 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:143 MANDRIVA:MDKSA-2006:145 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:145 MANDRIVA:MDKSA-2006:146 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:146 REDHAT:RHSA-2006:0608 URL:http://www.redhat.com/support/errata/RHSA-2006-0608.html REDHAT:RHSA-2006:0610 URL:http://www.redhat.com/support/errata/RHSA-2006-0610.html REDHAT:RHSA-2006:0611 URL:http://www.redhat.com/support/errata/RHSA-2006-0611.html REDHAT:RHSA-2006:0609 URL:http://rhn.redhat.com/errata/RHSA-2006-0609.html REDHAT:RHSA-2006:0594 URL:http://www.redhat.com/support/errata/RHSA-2006-0594.html SGI:20060703-01-P URL:ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc SUNALERT:102763 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1 SUSE:SUSE-SA:2006:048 URL:http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html UBUNTU:USN-327-1 URL:https://usn.ubuntu.com/327-1/ UBUNTU:USN-329-1 URL:https://usn.ubuntu.com/329-1/ UBUNTU:USN-350-1 URL:http://www.ubuntu.com/usn/usn-350-1 UBUNTU:USN-354-1 URL:http://www.ubuntu.com/usn/usn-354-1 UBUNTU:USN-361-1 URL:http://www.ubuntu.com/usn/usn-361-1 CERT:TA06-208A URL:http://www.us-cert.gov/cas/techalerts/TA06-208A.html CERT-VN:VU#655892 URL:http://www.kb.cert.org/vuls/id/655892 BID:19181 URL:http://www.securityfocus.com/bid/19181 OVAL:oval:org.mitre.oval:def:11232 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11232 VUPEN:ADV-2006-2998 URL:http://www.vupen.com/english/advisories/2006/2998 VUPEN:ADV-2007-0058 URL:http://www.vupen.com/english/advisories/2007/0058 VUPEN:ADV-2006-3748 URL:http://www.vupen.com/english/advisories/2006/3748 VUPEN:ADV-2006-3749 URL:http://www.vupen.com/english/advisories/2006/3749 VUPEN:ADV-2008-0083 URL:http://www.vupen.com/english/advisories/2008/0083 SECTRACK:1016586 URL:http://securitytracker.com/id?1016586 SECTRACK:1016587 URL:http://securitytracker.com/id?1016587 SECTRACK:1016588 URL:http://securitytracker.com/id?1016588 SECUNIA:19873 URL:http://secunia.com/advisories/19873 SECUNIA:21216 URL:http://secunia.com/advisories/21216 SECUNIA:21228 URL:http://secunia.com/advisories/21228 SECUNIA:21229 URL:http://secunia.com/advisories/21229 SECUNIA:21246 URL:http://secunia.com/advisories/21246 SECUNIA:21243 URL:http://secunia.com/advisories/21243 SECUNIA:21269 URL:http://secunia.com/advisories/21269 SECUNIA:21270 URL:http://secunia.com/advisories/21270 SECUNIA:21275 URL:http://secunia.com/advisories/21275 SECUNIA:21336 URL:http://secunia.com/advisories/21336 SECUNIA:21358 URL:http://secunia.com/advisories/21358 SECUNIA:21361 URL:http://secunia.com/advisories/21361 SECUNIA:21250 URL:http://secunia.com/advisories/21250 SECUNIA:21262 URL:http://secunia.com/advisories/21262 SECUNIA:21343 URL:http://secunia.com/advisories/21343 SECUNIA:21529 URL:http://secunia.com/advisories/21529 SECUNIA:21532 URL:http://secunia.com/advisories/21532 SECUNIA:21607 URL:http://secunia.com/advisories/21607 SECUNIA:21631 URL:http://secunia.com/advisories/21631 SECUNIA:21654 URL:http://secunia.com/advisories/21654 SECUNIA:21634 URL:http://secunia.com/advisories/21634 SECUNIA:21675 URL:http://secunia.com/advisories/21675 SECUNIA:22055 URL:http://secunia.com/advisories/22055 SECUNIA:22210 URL:http://secunia.com/advisories/22210 SECUNIA:22342 URL:http://secunia.com/advisories/22342 SECUNIA:22065 URL:http://secunia.com/advisories/22065 SECUNIA:22066 URL:http://secunia.com/advisories/22066 XF:mozilla-javascript-engine-overflow(27987) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/27987
Assigning CNA
N/A
Date Entry Created
20060724	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20060724)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org