CVE-2006-3806

{"id": "CVE-2006-3806", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-07-27T19:04:00.000", "references": [{"url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc", "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/19873", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21216", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21228", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21229", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21243", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21246", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21250", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21262", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21269", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21270", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21275", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21336", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21343", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21358", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21361", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21529", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21532", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21607", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21631", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21634", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21654", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/21675", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22055", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22065", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22066", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22210", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/22342", "source": "secalert@redhat.com"}, {"url": "http://security.gentoo.org/glsa/glsa-200608-02.xml", "source": "secalert@redhat.com"}, {"url": "http://security.gentoo.org/glsa/glsa-200608-04.xml", "source": "secalert@redhat.com"}, {"url": "http://securitytracker.com/id?1016586", "source": "secalert@redhat.com"}, {"url": "http://securitytracker.com/id?1016587", "source": "secalert@redhat.com"}, {"url": "http://securitytracker.com/id?1016588", "source": "secalert@redhat.com"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1", "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2006/dsa-1159", "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2006/dsa-1160", "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2006/dsa-1161", "source": "secalert@redhat.com"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml", "source": "secalert@redhat.com"}, {"url": "http://www.kb.cert.org/vuls/id/655892", "tags": ["Third Party Advisory", "US Government Resource"], "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143", "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145", "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146", "source": "secalert@redhat.com"}, {"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-50.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html", "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html", "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/19181", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/usn-350-1", "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/usn-354-1", "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/usn-361-1", "source": "secalert@redhat.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html", "tags": ["US Government Resource"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2006/2998", "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2006/3748", "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2006/3749", "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2007/0058", "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2008/0083", "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27987", "source": "secalert@redhat.com"}, {"url": "https://issues.rpath.com/browse/RPL-536", "source": "secalert@redhat.com"}, {"url": "https://issues.rpath.com/browse/RPL-537", "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11232", "source": "secalert@redhat.com"}, {"url": "https://usn.ubuntu.com/327-1/", "source": "secalert@redhat.com"}, {"url": "https://usn.ubuntu.com/329-1/", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-189"}]}], "descriptions": [{"lang": "en", "value": "Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified \"string function arguments.\""}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer de enteros en el motor JavaScript en Mozilla Firefox anterior a 1.5.0.5, Thunderbird anterior a 1.5.0.5, y SeaMonkey anterior a 1.0.3 podr\u00edan permitir a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores que afectan a (1) cadena en el m\u00e9todo toSource del objeto, objetos Array y String, y (2)\"argumentos de cadenas de funci\u00f3n\" no especificadas."}], "lastModified": "2018-10-17T21:30:46.657", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D"}, {"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D6BF5B1-86D1-47FE-9D9C-735718F94874"}, {"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84D15CE0-69DF-4EFD-801E-96A4D6AABEDB"}, {"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEE203DE-6C0E-4FDE-9C3A-0E73430F17DA"}, {"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2F38886-C25A-4C6B-93E7-36461405BA99"}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09E18FC0-0C8C-4FA1-85B9-B868D00F002F"}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55344F76-1C42-4DD8-A28B-1C33626C6FD2"}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6521C877-63C9-4B6E-9FC9-1263FFBB7950"}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D949DF0A-CBC2-40E1-AE6C-60E6F58D2481"}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2"}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C99BAF7-B48E-4402-B2BF-EB07235E402E"}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0ADE8D7-B3C3-4490-9CD5-0263BBA75D28"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}