CVE-2006-5463

HIGH

Description

Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary JavaScript bytecode via unspecified vectors involving modification of a Script object while it is executing.

References

ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P

http://rhn.redhat.com/errata/RHSA-2006-0733.html

http://rhn.redhat.com/errata/RHSA-2006-0734.html

http://rhn.redhat.com/errata/RHSA-2006-0735.html

http://secunia.com/advisories/22066

http://secunia.com/advisories/22722

http://secunia.com/advisories/22727

http://secunia.com/advisories/22737

http://secunia.com/advisories/22763

http://secunia.com/advisories/22770

http://secunia.com/advisories/22774

http://secunia.com/advisories/22815

http://secunia.com/advisories/22817

http://secunia.com/advisories/22929

http://secunia.com/advisories/22965

http://secunia.com/advisories/22980

http://secunia.com/advisories/23009

http://secunia.com/advisories/23013

http://secunia.com/advisories/23197

http://secunia.com/advisories/23202

http://secunia.com/advisories/23235

http://secunia.com/advisories/23263

http://secunia.com/advisories/23287

http://secunia.com/advisories/23297

http://secunia.com/advisories/24711

http://security.gentoo.org/glsa/glsa-200612-06.xml

http://security.gentoo.org/glsa/glsa-200612-07.xml

http://security.gentoo.org/glsa/glsa-200612-08.xml

http://securitytracker.com/id?1017184

http://securitytracker.com/id?1017185

http://securitytracker.com/id?1017186

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103011-1

http://sunsolve.sun.com/search/document.do?assetkey=1-66-200185-1

http://support.avaya.com/elmodocs2/security/ASA-2006-246.htm

http://www.debian.org/security/2006/dsa-1224

http://www.debian.org/security/2006/dsa-1225

http://www.debian.org/security/2006/dsa-1227

http://www.kb.cert.org/vuls/id/714496

http://www.mandriva.com/security/advisories?name=MDKSA-2006:205

http://www.mandriva.com/security/advisories?name=MDKSA-2006:206

http://www.mozilla.org/security/announce/2006/mfsa2006-67.html

http://www.novell.com/linux/security/advisories/2006_68_mozilla.html

http://www.securityfocus.com/archive/1/451099/100/0/threaded

http://www.securityfocus.com/bid/20957

http://www.ubuntu.com/usn/usn-381-1

http://www.ubuntu.com/usn/usn-382-1

http://www.us-cert.gov/cas/techalerts/TA06-312A.html

http://www.vupen.com/english/advisories/2006/3748

http://www.vupen.com/english/advisories/2006/4387

http://www.vupen.com/english/advisories/2007/1198

http://www.vupen.com/english/advisories/2007/2663

http://www.vupen.com/english/advisories/2008/0083

http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742

https://bugzilla.mozilla.org/show_bug.cgi?id=355655

https://exchange.xforce.ibmcloud.com/vulnerabilities/30116

https://issues.rpath.com/browse/RPL-765

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10357

Details

Source: MITRE

Published: 2006-11-08

Updated: 2018-10-17

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Tenable Plugins

View all (38 total)

IDNameProductFamilySeverity
67424Oracle Linux 4 : thunderbird (ELSA-2006-0735 / ELSA-2006-0677 / ELBA-2006-0624 / ELSA-2006-0611)NessusOracle Linux Local Security Checks
critical
67423Oracle Linux 4 : seamonkey (ELSA-2006-0734 / ELSA-2006-0676)NessusOracle Linux Local Security Checks
critical
67422Oracle Linux 4 : firefox (ELSA-2006-0733 / ELSA-2006-0675 / ELSA-2006-0610)NessusOracle Linux Local Security Checks
critical
37577CentOS 4 : firefox (CESA-2006:0733)NessusCentOS Local Security Checks
high
36615CentOS 4 : thunderbird (CESA-2006:0735)NessusCentOS Local Security Checks
high
36309CentOS 3 / 4 : seamonkey (CESA-2006:0734)NessusCentOS Local Security Checks
high
29357SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 2258)NessusSuSE Local Security Checks
high
27965Ubuntu 5.10 / 6.06 LTS / 6.10 : mozilla-thunderbird vulnerabilities (USN-382-1)NessusUbuntu Local Security Checks
high
27964Ubuntu 5.10 / 6.06 LTS : firefox vulnerabilities (USN-381-1)NessusUbuntu Local Security Checks
high
27437openSUSE 10 Security Update : seamonkey (seamonkey-2250)NessusSuSE Local Security Checks
high
27127openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-2252)NessusSuSE Local Security Checks
high
27116openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-2251)NessusSuSE Local Security Checks
high
24591Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2006:206)NessusMandriva Local Security Checks
high
24590Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2006:205)NessusMandriva Local Security Checks
high
24403Solaris 9 (sparc) : 120671-08NessusSolaris Local Security Checks
critical
24395Solaris 8 (sparc) : 120671-08NessusSolaris Local Security Checks
critical
23860GLSA-200612-08 : SeaMonkey: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
23859GLSA-200612-07 : Mozilla Firefox: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
23858GLSA-200612-06 : Mozilla Thunderbird: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
23773Solaris 9 (x86) : 120672-08NessusSolaris Local Security Checks
critical
23772Solaris 8 (x86) : 120672-08NessusSolaris Local Security Checks
critical
23768Debian DSA-1227-1 : mozilla-thunderbird - several vulnerabilitiesNessusDebian Local Security Checks
high
23767Debian DSA-1225-2 : mozilla-firefox - several vulnerabilitiesNessusDebian Local Security Checks
high
23766Debian DSA-1224-1 : mozilla - several vulnerabilitiesNessusDebian Local Security Checks
high
23682RHEL 4 : thunderbird (RHSA-2006:0735)NessusRed Hat Local Security Checks
high
23681RHEL 2.1 / 3 / 4 : seamonkey (RHSA-2006:0734)NessusRed Hat Local Security Checks
high
23680RHEL 4 : firefox (RHSA-2006:0733)NessusRed Hat Local Security Checks
high
3812Mozilla Firefox 1.5.x < 1.5.0.8 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
3811Mozilla Thunderbird < 1.5.0.8 Multiple Vulnerabilities (deprecated)Nessus Network MonitorSMTP Clients
medium
3810SeaMonkey < 1.0.6 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
23635Mozilla Thunderbird < 1.5.0.8 Multiple VulnerabilitiesNessusWindows
high
23634SeaMonkey < 1.0.6 Multiple VulnerabilitiesNessusWindows
high
23633Firefox < 1.5.0.8 Multiple VulnerabilitiesNessusWindows
high
22987Solaris 10 (x86) : 119116-35 (deprecated)NessusSolaris Local Security Checks
critical
22954Solaris 10 (sparc) : 119115-36 (deprecated)NessusSolaris Local Security Checks
critical
801347Mozilla Thunderbird < 1.5.0.8 Multiple VulnerabilitiesLog Correlation EngineSMTP Clients
high
800881SeaMonkey < 1.0.6 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
800748Firefox < 1.5.0.8 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high