CVE-2006-1733

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions 1.x before 1.5 Mozilla Thunderbird versions 1.x before 1.5 Mozilla Thunderbird versions 1.0.x before 1.0.8 Mozilla Suite versions prior to 1.7.13 SeaMonkey versions prior to 1.0

Description: The issue allows remote attackers to execute arbitrary code by exploiting the improper protection of the compilation scope of privileged built-in XBL bindings. This can be achieved via the valueOf.call or valueOf.apply methods of an XBL binding, or by inserting an XBL method into the DOM's document.body prototype chain.

Recommendations: For Mozilla Firefox versions 1.x before 1.5, update to version 1.5 or later. For Mozilla Thunderbird versions 1.x before 1.5, update to version 1.5 or later. For Mozilla Thunderbird versions 1.0.x before 1.0.8, update to version 1.0.8 or later. For Mozilla Suite versions prior to 1.7.13, update to version 1.7.13 or later. For SeaMonkey versions prior to 1.0, update to version 1.0 or later.