PT-2006-2718 · Mozilla+1 · Thunderbird+3
Shutdown
·
Publicado
2006-04-14
·
Atualizado
2018-10-18
·
CVE-2006-1726
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Firefox versions 1.5 through 1.5.0.1
Thunderbird versions 1.5 through 1.5.0.1
SeaMonkey versions prior to 1.0.1
Description:
The issue allows remote attackers to bypass the js ValueToFunctionObject check and execute arbitrary code via unknown vectors involving
setTimeout and Firefox' ForEach method.Recommendations:
For Firefox versions 1.5 through 1.5.0.1, update to version 1.5.0.2 or later.
For Thunderbird versions 1.5 through 1.5.0.1, update to version 1.5.0.2 or later.
For SeaMonkey versions prior to 1.0.1, update to version 1.0.1 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Firefox
Hp-Ux
Seamonkey
Thunderbird