cvelistv5 - cve-2006-1726

CVE-2006-1726 (GCVE-0-2006-1726)

Vulnerability from cvelistv5 – Published: 2006-04-14 10:00 – Updated: 2024-08-07 17:19

Summary

Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForEach method.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://www.vupen.com/english/advisories/2006/3748	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/archive/1/434524/100…	vendor-advisoryx_refsource_HP
	http://securitytracker.com/id?1015933	vdb-entryx_refsource_SECTRACK
	http://securitytracker.com/id?1015932	vdb-entryx_refsource_SECTRACK
	http://securitytracker.com/id?1015931	vdb-entryx_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2006/3749	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/434524/100…	vendor-advisoryx_refsource_HP
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.vupen.com/english/advisories/2008/0083	vdb-entryx_refsource_VUPEN
	http://www.kb.cert.org/vuls/id/968814	third-party-advisoryx_refsource_CERT-VN
	http://www.securityfocus.com/archive/1/446658/100…	vendor-advisoryx_refsource_HP
	http://www.vupen.com/english/advisories/2006/1356	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/446657/100…	vendor-advisoryx_refsource_HP
	http://www.securityfocus.com/archive/1/446658/100…	vendor-advisoryx_refsource_HP
	http://secunia.com/advisories/19649	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/446657/100…	vendor-advisoryx_refsource_HP
	http://www.us-cert.gov/cas/techalerts/TA06-107A.html	third-party-advisoryx_refsource_CERT
	http://www.securityfocus.com/bid/17516	vdb-entryx_refsource_BID
	http://secunia.com/advisories/22066	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/22065	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/19631	third-party-advisoryx_refsource_SECUNIA
	http://www.mozilla.org/security/announce/2006/mfs…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:19:49.421Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2006-3748",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3748"
          },
          {
            "name": "mozilla-valuetofunctionobject-sec-bypass(25825)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25825"
          },
          {
            "name": "SSRT061145",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
          },
          {
            "name": "1015933",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015933"
          },
          {
            "name": "1015932",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015932"
          },
          {
            "name": "1015931",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015931"
          },
          {
            "name": "ADV-2006-3749",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3749"
          },
          {
            "name": "HPSBTU02118",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
          },
          {
            "name": "oval:org.mitre.oval:def:1968",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1968"
          },
          {
            "name": "ADV-2008-0083",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0083"
          },
          {
            "name": "VU#968814",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/968814"
          },
          {
            "name": "SSRT061181",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
          },
          {
            "name": "ADV-2006-1356",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1356"
          },
          {
            "name": "SSRT061236",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
          },
          {
            "name": "HPSBUX02153",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
          },
          {
            "name": "19649",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19649"
          },
          {
            "name": "HPSBUX02156",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
          },
          {
            "name": "TA06-107A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
          },
          {
            "name": "17516",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17516"
          },
          {
            "name": "22066",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22066"
          },
          {
            "name": "22065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22065"
          },
          {
            "name": "19631",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19631"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-28.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-04-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox\u0027 ForEach method."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "ADV-2006-3748",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3748"
        },
        {
          "name": "mozilla-valuetofunctionobject-sec-bypass(25825)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25825"
        },
        {
          "name": "SSRT061145",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
        },
        {
          "name": "1015933",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015933"
        },
        {
          "name": "1015932",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015932"
        },
        {
          "name": "1015931",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015931"
        },
        {
          "name": "ADV-2006-3749",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3749"
        },
        {
          "name": "HPSBTU02118",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
        },
        {
          "name": "oval:org.mitre.oval:def:1968",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1968"
        },
        {
          "name": "ADV-2008-0083",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0083"
        },
        {
          "name": "VU#968814",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/968814"
        },
        {
          "name": "SSRT061181",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
        },
        {
          "name": "ADV-2006-1356",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1356"
        },
        {
          "name": "SSRT061236",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
        },
        {
          "name": "HPSBUX02153",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
        },
        {
          "name": "19649",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19649"
        },
        {
          "name": "HPSBUX02156",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
        },
        {
          "name": "TA06-107A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
        },
        {
          "name": "17516",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17516"
        },
        {
          "name": "22066",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22066"
        },
        {
          "name": "22065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22065"
        },
        {
          "name": "19631",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19631"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-28.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2006-1726",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox\u0027 ForEach method."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2006-3748",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/3748"
            },
            {
              "name": "mozilla-valuetofunctionobject-sec-bypass(25825)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25825"
            },
            {
              "name": "SSRT061145",
              "refsource": "HP",
              "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
            },
            {
              "name": "1015933",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015933"
            },
            {
              "name": "1015932",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015932"
            },
            {
              "name": "1015931",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015931"
            },
            {
              "name": "ADV-2006-3749",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/3749"
            },
            {
              "name": "HPSBTU02118",
              "refsource": "HP",
              "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
            },
            {
              "name": "oval:org.mitre.oval:def:1968",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1968"
            },
            {
              "name": "ADV-2008-0083",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0083"
            },
            {
              "name": "VU#968814",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/968814"
            },
            {
              "name": "SSRT061181",
              "refsource": "HP",
              "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
            },
            {
              "name": "ADV-2006-1356",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1356"
            },
            {
              "name": "SSRT061236",
              "refsource": "HP",
              "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
            },
            {
              "name": "HPSBUX02153",
              "refsource": "HP",
              "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
            },
            {
              "name": "19649",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19649"
            },
            {
              "name": "HPSBUX02156",
              "refsource": "HP",
              "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
            },
            {
              "name": "TA06-107A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
            },
            {
              "name": "17516",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/17516"
            },
            {
              "name": "22066",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22066"
            },
            {
              "name": "22065",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22065"
            },
            {
              "name": "19631",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19631"
            },
            {
              "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-28.html",
              "refsource": "CONFIRM",
              "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-28.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2006-1726",
    "datePublished": "2006-04-14T10:00:00",
    "dateReserved": "2006-04-12T00:00:00",
    "dateUpdated": "2024-08-07T17:19:49.421Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5A545A77-2198-4685-A87F-E0F2DAECECF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"778FAE0C-A5CF-4B67-93A9-1A803E3E699F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E7447185-7509-449D-8907-F30A42CF7EB5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0EDBAC37-9D08-44D1-B279-BC6ACF126CAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3FFF89FA-2020-43CC-BACD-D66117B3DD26\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"834BB391-5EB5-43A8-980A-D305EDAE6FA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A38AD88-BAA6-4FBE-885B-69E951BD1EFE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B500EE6C-99DB-49A3-A1F1-AFFD7FE28068\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ABB88E86-6E83-4A59-9266-8B98AA91774D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*\", \"matchCriteriaId\": \"66BE50FE-EA21-4633-A181-CD35196DF06E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D6BF5B1-86D1-47FE-9D9C-735718F94874\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:preview_release:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CFDBA992-46F8-42A6-9428-C9E475CA69E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*\", \"matchCriteriaId\": \"D62F740C-706B-4290-AD92-3ECBC3D30768\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"CB01A97F-ACE1-4A99-8939-6DF8FE5B5E8E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"055D1044-9FC5-45AA-8407-649E96C5AFE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C1C87A5-C14D-4A23-B865-3BB1FCDC8470\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0D56153-E20A-46D8-859E-A51E5C03D674\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C51A6F4-F88F-4BF2-BF71-5DC48559C085\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FFC390CB-774C-47BE-95C3-059943A9E645\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"379F6A73-B45F-4094-8167-4E929FFB1749\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B71DE7AC-553B-4524-8B33-5605518449EB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"72B02389-0DCD-45BC-A09F-CB6B75940616\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4FB87608-0DF8-4729-95C5-CFA386AB3AC2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A406214-29E5-4E13-B2E1-1CF72F1E60BC\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox\u0027 ForEach method.\"}]",
      "evaluatorSolution": "This vulnerability is addressed in the following product releases:\r\nMozilla, Firefox, 1.5.0.2\r\nMozilla, Thunderbird, 1.5.0.2\r\nMozilla, SeaMonkey, 1.0.1",
      "id": "CVE-2006-1726",
      "lastModified": "2024-11-21T00:09:35.773",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2006-04-14T10:02:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/19631\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/19649\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/22065\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/22066\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1015931\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://securitytracker.com/id?1015932\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://securitytracker.com/id?1015933\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/968814\", \"source\": \"secalert@redhat.com\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.mozilla.org/security/announce/2006/mfsa2006-28.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/434524/100/0/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/434524/100/0/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/446657/100/200/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/446657/100/200/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/446658/100/200/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/446658/100/200/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/17516\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA06-107A.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/1356\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/3748\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/3749\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0083\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/25825\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1968\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/19631\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/19649\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/22065\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/22066\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1015931\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1015932\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1015933\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/968814\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.mozilla.org/security/announce/2006/mfsa2006-28.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/434524/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/434524/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/446657/100/200/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/446657/100/200/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/446658/100/200/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/446658/100/200/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/17516\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA06-107A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/1356\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/3748\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/3749\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0083\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/25825\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1968\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-1726\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2006-04-14T10:02:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox\u0027 ForEach method.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A545A77-2198-4685-A87F-E0F2DAECECF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"778FAE0C-A5CF-4B67-93A9-1A803E3E699F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7447185-7509-449D-8907-F30A42CF7EB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EDBAC37-9D08-44D1-B279-BC6ACF126CAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FFF89FA-2020-43CC-BACD-D66117B3DD26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"834BB391-5EB5-43A8-980A-D305EDAE6FA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A38AD88-BAA6-4FBE-885B-69E951BD1EFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B500EE6C-99DB-49A3-A1F1-AFFD7FE28068\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABB88E86-6E83-4A59-9266-8B98AA91774D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"66BE50FE-EA21-4633-A181-CD35196DF06E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D6BF5B1-86D1-47FE-9D9C-735718F94874\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:preview_release:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFDBA992-46F8-42A6-9428-C9E475CA69E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*\",\"matchCriteriaId\":\"D62F740C-706B-4290-AD92-3ECBC3D30768\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB01A97F-ACE1-4A99-8939-6DF8FE5B5E8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"055D1044-9FC5-45AA-8407-649E96C5AFE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C1C87A5-C14D-4A23-B865-3BB1FCDC8470\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0D56153-E20A-46D8-859E-A51E5C03D674\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C51A6F4-F88F-4BF2-BF71-5DC48559C085\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFC390CB-774C-47BE-95C3-059943A9E645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"379F6A73-B45F-4094-8167-4E929FFB1749\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B71DE7AC-553B-4524-8B33-5605518449EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72B02389-0DCD-45BC-A09F-CB6B75940616\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FB87608-0DF8-4729-95C5-CFA386AB3AC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A406214-29E5-4E13-B2E1-1CF72F1E60BC\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/19631\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19649\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22065\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22066\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1015931\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://securitytracker.com/id?1015932\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://securitytracker.com/id?1015933\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.kb.cert.org/vuls/id/968814\",\"source\":\"secalert@redhat.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.mozilla.org/security/announce/2006/mfsa2006-28.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/434524/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/434524/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/446657/100/200/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/446657/100/200/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/446658/100/200/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/446658/100/200/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/17516\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA06-107A.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/1356\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/3748\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/3749\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/0083\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/25825\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1968\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19631\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19649\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22065\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22066\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1015931\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1015932\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1015933\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/968814\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.mozilla.org/security/announce/2006/mfsa2006-28.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/434524/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/434524/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/446657/100/200/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/446657/100/200/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/446658/100/200/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/446658/100/200/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/17516\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA06-107A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/1356\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/3748\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/3749\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/0083\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/25825\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1968\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorSolution\":\"This vulnerability is addressed in the following product releases:\\r\\nMozilla, Firefox, 1.5.0.2\\r\\nMozilla, Thunderbird, 1.5.0.2\\r\\nMozilla, SeaMonkey, 1.0.1\"}}"
  }
}

CERTA-2006-AVI-156

Vulnerability from certfr_avis - Published: - Updated:

None

Description

Plusieurs vulnérabilités sont présentes dans Mozilla Firefox. Elles permettent à un utilisateur distant mal intentionné :

d'exécuter du code arbitraire ;
de provoquer un déni de service ;
de contourner la politique de sécurité du système ;
de porter atteinte à la confidentialité des données ;
de réaliser des attaques de type Cross-Site Scripting.

Solution

La version 1.5.0.2 de Mozilla Firefox corrige le problème :

http://www.mozilla.com/firefox/

Mozilla Firefox versions 1.5.0.1 et antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Firefox du 13 avril 2006	None	vendor-advisory
Bulletin de sécurité RedHat RHSA-2006:0328 du 14 avril 2006 :	-	other
Bulletin de sécurité Ubuntu USN-271 du 19 avril 2006 :	-	other
Bulletin de sécurité Mandriva MDKSA-2006:075 du 24 avril 2006 :	-	other
Bulletin de sécurité FreeBSD du 16 avril 2006 :	-	other
Bulletin de sécurité Mozilla du 13 avril 2006 :	-	other
Bulletin de sécurité Gentoo GLSA 200604-12 du 23 avril 2006 :	-	other
Bulletin de sécurité RedHat RHSA-2006:0330 du 21 avril 2006 :	-	other
Bulletin de sécurité Mandriva MDKSA-2006:078 du 25 avril 2006 :	-	other
Bulletin de sécurité Mandriva MDKSA-2006:076 du 25 avril 2006 :	-	other
Bulletin de sécurité RedHat RHSA-2006:0329 du 18 avril 2006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eMozilla Firefox versions 1.5.0.1 et  ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans Mozilla Firefox. Elles\npermettent \u00e0 un utilisateur distant mal intentionn\u00e9 :\n\n-   d\u0027ex\u00e9cuter du code arbitraire ;\n-   de provoquer un d\u00e9ni de service ;\n-   de contourner la politique de s\u00e9curit\u00e9 du syst\u00e8me ;\n-   de porter atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es ;\n-   de r\u00e9aliser des attaques de type Cross-Site Scripting.\n\n## Solution\n\nLa version 1.5.0.2 de Mozilla Firefox corrige le probl\u00e8me :\n\n    http://www.mozilla.com/firefox/\n",
  "cves": [
    {
      "name": "CVE-2006-1739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1739"
    },
    {
      "name": "CVE-2006-1530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1530"
    },
    {
      "name": "CVE-2006-1729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1729"
    },
    {
      "name": "CVE-2006-1734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1734"
    },
    {
      "name": "CVE-2006-1730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1730"
    },
    {
      "name": "CVE-2006-1737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1737"
    },
    {
      "name": "CVE-2006-1728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1728"
    },
    {
      "name": "CVE-2006-1732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1732"
    },
    {
      "name": "CVE-2006-1531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1531"
    },
    {
      "name": "CVE-2006-1736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1736"
    },
    {
      "name": "CVE-2006-1740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1740"
    },
    {
      "name": "CVE-2006-1738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1738"
    },
    {
      "name": "CVE-2006-1742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1742"
    },
    {
      "name": "CVE-2006-1726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1726"
    },
    {
      "name": "CVE-2006-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1725"
    },
    {
      "name": "CVE-2006-1733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1733"
    },
    {
      "name": "CVE-2006-1727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1727"
    },
    {
      "name": "CVE-2006-1723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1723"
    },
    {
      "name": "CVE-2006-1735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1735"
    },
    {
      "name": "CVE-2006-0749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0749"
    },
    {
      "name": "CVE-2006-1529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1529"
    },
    {
      "name": "CVE-2006-1741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1741"
    },
    {
      "name": "CVE-2006-1731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1731"
    },
    {
      "name": "CVE-2006-1724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1724"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2006:0328 du 14 avril 2006    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0328.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-271 du 19 avril 2006 :",
      "url": "http://www.ubuntu.com/usn/usn-271-1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:075 du 24 avril    2006 :",
      "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 FreeBSD du 16 avril 2006 :",
      "url": "http://www.vuxml.org/freebsd/pkg-linux-mozilla.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla du 13 avril 2006 :",
      "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox1.5.0.2"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA 200604-12 du 23 avril 2006    :",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2006:0330 du 21 avril 2006    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0330.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:078 du 25 avril    2006 :",
      "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:078"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:076 du 25 avril    2006 :",
      "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2006:0329 du 18 avril 2006    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0329.html"
    }
  ],
  "reference": "CERTA-2006-AVI-156",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-04-18T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 RedHat, FreeBSD et Ubuntu.",
      "revision_date": "2006-04-20T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Gentoo.",
      "revision_date": "2006-04-24T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Mandriva et RadHat.",
      "revision_date": "2006-04-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Attaque de type cross-site scripting"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Firefox",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Firefox du 13 avril 2006",
      "url": null
    }
  ]
}

CERTA-2006-AVI-156

Vulnerability from certfr_avis - Published: - Updated:

None

Description

Plusieurs vulnérabilités sont présentes dans Mozilla Firefox. Elles permettent à un utilisateur distant mal intentionné :

d'exécuter du code arbitraire ;
de provoquer un déni de service ;
de contourner la politique de sécurité du système ;
de porter atteinte à la confidentialité des données ;
de réaliser des attaques de type Cross-Site Scripting.

Solution

La version 1.5.0.2 de Mozilla Firefox corrige le problème :

http://www.mozilla.com/firefox/

Mozilla Firefox versions 1.5.0.1 et antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Firefox du 13 avril 2006	None	vendor-advisory
Bulletin de sécurité RedHat RHSA-2006:0328 du 14 avril 2006 :	-	other
Bulletin de sécurité Ubuntu USN-271 du 19 avril 2006 :	-	other
Bulletin de sécurité Mandriva MDKSA-2006:075 du 24 avril 2006 :	-	other
Bulletin de sécurité FreeBSD du 16 avril 2006 :	-	other
Bulletin de sécurité Mozilla du 13 avril 2006 :	-	other
Bulletin de sécurité Gentoo GLSA 200604-12 du 23 avril 2006 :	-	other
Bulletin de sécurité RedHat RHSA-2006:0330 du 21 avril 2006 :	-	other
Bulletin de sécurité Mandriva MDKSA-2006:078 du 25 avril 2006 :	-	other
Bulletin de sécurité Mandriva MDKSA-2006:076 du 25 avril 2006 :	-	other
Bulletin de sécurité RedHat RHSA-2006:0329 du 18 avril 2006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eMozilla Firefox versions 1.5.0.1 et  ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans Mozilla Firefox. Elles\npermettent \u00e0 un utilisateur distant mal intentionn\u00e9 :\n\n-   d\u0027ex\u00e9cuter du code arbitraire ;\n-   de provoquer un d\u00e9ni de service ;\n-   de contourner la politique de s\u00e9curit\u00e9 du syst\u00e8me ;\n-   de porter atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es ;\n-   de r\u00e9aliser des attaques de type Cross-Site Scripting.\n\n## Solution\n\nLa version 1.5.0.2 de Mozilla Firefox corrige le probl\u00e8me :\n\n    http://www.mozilla.com/firefox/\n",
  "cves": [
    {
      "name": "CVE-2006-1739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1739"
    },
    {
      "name": "CVE-2006-1530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1530"
    },
    {
      "name": "CVE-2006-1729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1729"
    },
    {
      "name": "CVE-2006-1734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1734"
    },
    {
      "name": "CVE-2006-1730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1730"
    },
    {
      "name": "CVE-2006-1737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1737"
    },
    {
      "name": "CVE-2006-1728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1728"
    },
    {
      "name": "CVE-2006-1732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1732"
    },
    {
      "name": "CVE-2006-1531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1531"
    },
    {
      "name": "CVE-2006-1736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1736"
    },
    {
      "name": "CVE-2006-1740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1740"
    },
    {
      "name": "CVE-2006-1738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1738"
    },
    {
      "name": "CVE-2006-1742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1742"
    },
    {
      "name": "CVE-2006-1726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1726"
    },
    {
      "name": "CVE-2006-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1725"
    },
    {
      "name": "CVE-2006-1733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1733"
    },
    {
      "name": "CVE-2006-1727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1727"
    },
    {
      "name": "CVE-2006-1723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1723"
    },
    {
      "name": "CVE-2006-1735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1735"
    },
    {
      "name": "CVE-2006-0749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0749"
    },
    {
      "name": "CVE-2006-1529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1529"
    },
    {
      "name": "CVE-2006-1741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1741"
    },
    {
      "name": "CVE-2006-1731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1731"
    },
    {
      "name": "CVE-2006-1724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1724"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2006:0328 du 14 avril 2006    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0328.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-271 du 19 avril 2006 :",
      "url": "http://www.ubuntu.com/usn/usn-271-1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:075 du 24 avril    2006 :",
      "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 FreeBSD du 16 avril 2006 :",
      "url": "http://www.vuxml.org/freebsd/pkg-linux-mozilla.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla du 13 avril 2006 :",
      "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox1.5.0.2"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA 200604-12 du 23 avril 2006    :",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2006:0330 du 21 avril 2006    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0330.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:078 du 25 avril    2006 :",
      "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:078"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:076 du 25 avril    2006 :",
      "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2006:0329 du 18 avril 2006    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0329.html"
    }
  ],
  "reference": "CERTA-2006-AVI-156",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-04-18T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 RedHat, FreeBSD et Ubuntu.",
      "revision_date": "2006-04-20T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Gentoo.",
      "revision_date": "2006-04-24T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Mandriva et RadHat.",
      "revision_date": "2006-04-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Attaque de type cross-site scripting"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Firefox",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Firefox du 13 avril 2006",
      "url": null
    }
  ]
}

GHSA-7P29-2P26-QHWG

Vulnerability from github – Published: 2022-05-01 06:52 – Updated: 2022-05-01 06:52

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-1726"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-04-14T10:02:00Z",
    "severity": "HIGH"
  },
  "details": "Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox\u0027 ForEach method.",
  "id": "GHSA-7p29-2p26-qhwg",
  "modified": "2022-05-01T06:52:21Z",
  "published": "2022-05-01T06:52:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1726"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25825"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1968"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19649"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22065"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22066"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1015931"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1015932"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1015933"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/968814"
    },
    {
      "type": "WEB",
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-28.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/3748"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/3749"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0083"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2006-1726

Vulnerability from fkie_nvd - Published: 2006-04-14 10:02 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://secunia.com/advisories/19631	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/19649	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/22065	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/22066	Vendor Advisory
secalert@redhat.com	http://securitytracker.com/id?1015931
secalert@redhat.com	http://securitytracker.com/id?1015932
secalert@redhat.com	http://securitytracker.com/id?1015933
secalert@redhat.com	http://www.kb.cert.org/vuls/id/968814	US Government Resource
secalert@redhat.com	http://www.mozilla.org/security/announce/2006/mfsa2006-28.html	Patch, Vendor Advisory
secalert@redhat.com	http://www.securityfocus.com/archive/1/434524/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/446657/100/200/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/446658/100/200/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/17516
secalert@redhat.com	http://www.us-cert.gov/cas/techalerts/TA06-107A.html	US Government Resource
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/1356
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/3748
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/3749
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/0083
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/25825
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1968
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19631	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19649	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22065	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22066	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015931
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015932
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015933
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/968814	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.mozilla.org/security/announce/2006/mfsa2006-28.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/434524/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/446657/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/446658/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/17516
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA06-107A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/1356
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/3748
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/3749
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0083
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/25825
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1968

Impacted products

Vendor	Product	Version
mozilla	firefox	1.0
mozilla	firefox	1.0.1
mozilla	firefox	1.0.2
mozilla	firefox	1.0.3
mozilla	firefox	1.0.4
mozilla	firefox	1.0.5
mozilla	firefox	1.0.6
mozilla	firefox	1.0.7
mozilla	firefox	1.5
mozilla	firefox	1.5
mozilla	firefox	1.5
mozilla	firefox	1.5.0.1
mozilla	firefox	preview_release
mozilla	seamonkey	1.0
mozilla	seamonkey	1.0
mozilla	thunderbird	1.0
mozilla	thunderbird	1.0.1
mozilla	thunderbird	1.0.2
mozilla	thunderbird	1.0.3
mozilla	thunderbird	1.0.4
mozilla	thunderbird	1.0.5
mozilla	thunderbird	1.0.5
mozilla	thunderbird	1.0.6
mozilla	thunderbird	1.0.7
mozilla	thunderbird	1.5
mozilla	thunderbird	1.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B500EE6C-99DB-49A3-A1F1-AFFD7FE28068",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D6BF5B1-86D1-47FE-9D9C-735718F94874",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:preview_release:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFDBA992-46F8-42A6-9428-C9E475CA69E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "D62F740C-706B-4290-AD92-3ECBC3D30768",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*",
              "matchCriteriaId": "CB01A97F-ACE1-4A99-8939-6DF8FE5B5E8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0D56153-E20A-46D8-859E-A51E5C03D674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C51A6F4-F88F-4BF2-BF71-5DC48559C085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*",
              "matchCriteriaId": "379F6A73-B45F-4094-8167-4E929FFB1749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "72B02389-0DCD-45BC-A09F-CB6B75940616",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "1A406214-29E5-4E13-B2E1-1CF72F1E60BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox\u0027 ForEach method."
    }
  ],
  "evaluatorSolution": "This vulnerability is addressed in the following product releases:\r\nMozilla, Firefox, 1.5.0.2\r\nMozilla, Thunderbird, 1.5.0.2\r\nMozilla, SeaMonkey, 1.0.1",
  "id": "CVE-2006-1726",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2006-04-14T10:02:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19649"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22065"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22066"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1015931"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1015932"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1015933"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/968814"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-28.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/3748"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/3749"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/0083"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25825"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1968"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19649"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015933"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/968814"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-28.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/3748"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/3749"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25825"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1968"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2006-1726

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-1726

Aliases

CVE-2006-1726

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-1726",
    "description": "Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox\u0027 ForEach method.",
    "id": "GSD-2006-1726"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-1726"
      ],
      "details": "Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox\u0027 ForEach method.",
      "id": "GSD-2006-1726",
      "modified": "2023-12-13T01:19:55.004195Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2006-1726",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox\u0027 ForEach method."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "ADV-2006-3748",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/3748"
          },
          {
            "name": "mozilla-valuetofunctionobject-sec-bypass(25825)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25825"
          },
          {
            "name": "SSRT061145",
            "refsource": "HP",
            "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
          },
          {
            "name": "1015933",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1015933"
          },
          {
            "name": "1015932",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1015932"
          },
          {
            "name": "1015931",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1015931"
          },
          {
            "name": "ADV-2006-3749",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/3749"
          },
          {
            "name": "HPSBTU02118",
            "refsource": "HP",
            "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
          },
          {
            "name": "oval:org.mitre.oval:def:1968",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1968"
          },
          {
            "name": "ADV-2008-0083",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0083"
          },
          {
            "name": "VU#968814",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/968814"
          },
          {
            "name": "SSRT061181",
            "refsource": "HP",
            "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
          },
          {
            "name": "ADV-2006-1356",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/1356"
          },
          {
            "name": "SSRT061236",
            "refsource": "HP",
            "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
          },
          {
            "name": "HPSBUX02153",
            "refsource": "HP",
            "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
          },
          {
            "name": "19649",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/19649"
          },
          {
            "name": "HPSBUX02156",
            "refsource": "HP",
            "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
          },
          {
            "name": "TA06-107A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
          },
          {
            "name": "17516",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/17516"
          },
          {
            "name": "22066",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/22066"
          },
          {
            "name": "22065",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/22065"
          },
          {
            "name": "19631",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/19631"
          },
          {
            "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-28.html",
            "refsource": "CONFIRM",
            "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-28.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:preview_release:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2006-1726"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox\u0027 ForEach method."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-28.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-28.html"
            },
            {
              "name": "VU#968814",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/968814"
            },
            {
              "name": "17516",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/17516"
            },
            {
              "name": "19631",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/19631"
            },
            {
              "name": "19649",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/19649"
            },
            {
              "name": "TA06-107A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-107A.html"
            },
            {
              "name": "1015931",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1015931"
            },
            {
              "name": "1015932",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1015932"
            },
            {
              "name": "1015933",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1015933"
            },
            {
              "name": "22065",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/22065"
            },
            {
              "name": "22066",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/22066"
            },
            {
              "name": "ADV-2006-1356",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/1356"
            },
            {
              "name": "ADV-2008-0083",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/0083"
            },
            {
              "name": "ADV-2006-3749",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/3749"
            },
            {
              "name": "ADV-2006-3748",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/3748"
            },
            {
              "name": "mozilla-valuetofunctionobject-sec-bypass(25825)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25825"
            },
            {
              "name": "oval:org.mitre.oval:def:1968",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1968"
            },
            {
              "name": "SSRT061181",
              "refsource": "HP",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
            },
            {
              "name": "SSRT061236",
              "refsource": "HP",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
            },
            {
              "name": "SSRT061145",
              "refsource": "HP",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/434524/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2018-10-18T16:34Z",
      "publishedDate": "2006-04-14T10:02Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-1726 (GCVE-0-2006-1726)

CERTA-2006-AVI-156

Description

Solution

CERTA-2006-AVI-156

Description

Solution

GHSA-7P29-2P26-QHWG

FKIE_CVE-2006-1726

GSD-2006-1726

Tags

Sightings

Nomenclature