CVE-2006-2777

high

Description

Unspecified vulnerability in Mozilla Firefox before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to execute arbitrary code by using the nsISelectionPrivate interface of the Selection object to add a SelectionListener and create notifications that are executed in a privileged context.

References

http://secunia.com/advisories/20376

http://secunia.com/advisories/20394

http://secunia.com/advisories/20561

http://secunia.com/advisories/21176

http://secunia.com/advisories/21178

http://secunia.com/advisories/21183

http://secunia.com/advisories/21188

http://secunia.com/advisories/21324

http://secunia.com/advisories/21532

http://secunia.com/advisories/22066

http://securitytracker.com/id?1016202

https://exchange.xforce.ibmcloud.com/vulnerabilities/26853

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1

https://usn.ubuntu.com/296-1/

https://usn.ubuntu.com/296-2/

https://usn.ubuntu.com/323-1/

http://www.debian.org/security/2006/dsa-1118

http://www.debian.org/security/2006/dsa-1120

http://www.debian.org/security/2006/dsa-1134

http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml

http://www.kb.cert.org/vuls/id/237257

http://www.mandriva.com/security/advisories?name=MDKSA-2006:143

http://www.mandriva.com/security/advisories?name=MDKSA-2006:145

http://www.mozilla.org/security/announce/2006/mfsa2006-43.html

http://www.novell.com/linux/security/advisories/2006_35_mozilla.html

http://www.us-cert.gov/cas/techalerts/TA06-153A.html

http://www.vupen.com/english/advisories/2006/2106

http://www.vupen.com/english/advisories/2006/3748

http://www.vupen.com/english/advisories/2007/0058

http://www.vupen.com/english/advisories/2008/0083

Details

Source: Mitre, NVD

Published: 2006-06-02

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High