CVE-2006-1735

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2006-1735

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2006-1735.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2006-1735

Related

Published

2006-04-14T10:02:00Z

Modified

2024-11-21T00:09:37Z

Summary

[none]

Details

Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.

References

Affected packages

Debian:11 / thunderbird

Package

Name: thunderbird
Purl: pkg:deb/debian/thunderbird?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.5.0.2-1

Ecosystem specific

{
    "urgency": "medium"
}

Debian:12 / thunderbird

Package

Name: thunderbird
Purl: pkg:deb/debian/thunderbird?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.5.0.2-1

Ecosystem specific

{
    "urgency": "medium"
}

Debian:13 / thunderbird

Package

Name: thunderbird
Purl: pkg:deb/debian/thunderbird?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.5.0.2-1

Ecosystem specific

{
    "urgency": "medium"
}