CVE-2006-1735

HIGH

Description

Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.

ID	Name	Product	Family	Severity
29744	Firefox < 1.0.8 Multiple Vulnerabilities	Nessus	Windows	high
24403	Solaris 9 (sparc) : 120671-08	Nessus	Solaris Local Security Checks	critical
24395	Solaris 8 (sparc) : 120671-08	Nessus	Solaris Local Security Checks	critical
23773	Solaris 9 (x86) : 120672-08	Nessus	Solaris Local Security Checks	critical
23772	Solaris 8 (x86) : 120672-08	Nessus	Solaris Local Security Checks	critical
22987	Solaris 10 (x86) : 119116-35 (deprecated)	Nessus	Solaris Local Security Checks	critical
22954	Solaris 10 (sparc) : 119115-36 (deprecated)	Nessus	Solaris Local Security Checks	critical
22593	Debian DSA-1051-1 : mozilla-thunderbird - several vulnerabilities	Nessus	Debian Local Security Checks	critical
22588	Debian DSA-1046-1 : mozilla - several vulnerabilities	Nessus	Debian Local Security Checks	critical
22586	Debian DSA-1044-1 : mozilla-firefox - several vulnerabilities	Nessus	Debian Local Security Checks	critical
21994	CentOS 4 : thunderbird (CESA-2006:0330)	Nessus	CentOS Local Security Checks	critical
21993	CentOS 4 : firefox (CESA-2006:0328)	Nessus	CentOS Local Security Checks	critical
21898	CentOS 3 / 4 : mozilla (CESA-2006:0329)	Nessus	CentOS Local Security Checks	critical
21461	FreeBSD : mozilla -- multiple vulnerabilities (84630f4a-cd8c-11da-b7b9-000c6ec775d9)	Nessus	FreeBSD Local Security Checks	critical
21351	GLSA-200605-09 : Mozilla Thunderbird: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
21321	Ubuntu 5.04 / 5.10 : mozilla-thunderbird vulnerabilities (USN-276-1)	Nessus	Ubuntu Local Security Checks	critical
21315	GLSA-200604-18 : Mozilla Suite: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
21301	Ubuntu 4.10 / 5.04 / 5.10 : mozilla vulnerabilities (USN-275-1)	Nessus	Ubuntu Local Security Checks	critical
21288	RHEL 4 : thunderbird (RHSA-2006:0330)	Nessus	Red Hat Local Security Checks	critical
21284	Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2006:078)	Nessus	Mandriva Local Security Checks	critical
21282	Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2006:075)	Nessus	Mandriva Local Security Checks	critical
21277	GLSA-200604-12 : Mozilla Firefox: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
21270	Ubuntu 4.10 / 5.04 / 5.10 : mozilla-firefox, firefox vulnerabilities (USN-271-1)	Nessus	Ubuntu Local Security Checks	critical
21257	RHEL 2.1 / 3 / 4 : mozilla (RHSA-2006:0329)	Nessus	Red Hat Local Security Checks	critical
21251	Fedora Core 5 : firefox-1.5.0.2-1.1.fc5 (2006-411)	Nessus	Fedora Local Security Checks	critical
21250	Fedora Core 4 : firefox-1.0.8-1.1.fc4 (2006-410)	Nessus	Fedora Local Security Checks	critical
21232	RHEL 4 : firefox (RHSA-2006:0328)	Nessus	Red Hat Local Security Checks	critical
21226	SeaMonkey < 1.0.1 Multiple Vulnerabilities	Nessus	Windows	high
20863	SeaMonkey < 1.0 Multiple Vulnerabilities	Nessus	Windows	high
3516	SeaMonkey < 1.0.1 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	medium
3514	Mozilla Firefox < 1.7.13 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	medium
3513	Mozilla Thunderbird < 1.5.0.2 or 1.0.8 Multiple Vulnerabilities (deprecated)	Nessus Network Monitor	SMTP Clients	medium
3512	Mozilla Firefox < 1.0.8 / 1.5.x < 1.5.0.2 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	medium
801357	Mozilla Thunderbird < 1.5.0.2 or 1.0.8 Multiple Vulnerabilities	Log Correlation Engine	SMTP Clients	high
801226	Mozilla Browser < 1.7.13 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
801220	Mozilla Firefox < 1.5.0.2 or 1.0.8 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high

CVE-2006-1735

Description

References

Details

Risk Information

CVSS v2.0