NVD Vulnerability Detail

CVE-2006-3803

Summary	Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object.
Publication Date	July 28, 2006, 4:04 a.m.
Registration Date	Jan. 29, 2021, 3:42 p.m.
Last Update	Oct. 18, 2018, 6:30 a.m.

CVSS2.0 : MEDIUM
Score	5.1
Vector	AV:N/AC:H/Au:N/C:P/I:P/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	高
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	低
可用性への影響(A)	低
Get all privileges.	いいえ
Get user privileges	はい
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:mozilla:firefox:1.5:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.1:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.2:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.3:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0::dev:::::
cpe:2.3:a:mozilla:seamonkey:1.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.4:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc	SGI
2	http://rhn.redhat.com/errata/RHSA-2006-0609.html	REDHAT
3	http://secunia.com/advisories/19873	SECUNIA	Patch Vendor Advisory
4	http://secunia.com/advisories/21216	SECUNIA	Patch Vendor Advisory
5	http://secunia.com/advisories/21228	SECUNIA	Patch Vendor Advisory
6	http://secunia.com/advisories/21229	SECUNIA	Patch Vendor Advisory
7	http://secunia.com/advisories/21243	SECUNIA
8	http://secunia.com/advisories/21246	SECUNIA
9	http://secunia.com/advisories/21250	SECUNIA
10	http://secunia.com/advisories/21262	SECUNIA
11	http://secunia.com/advisories/21269	SECUNIA
12	http://secunia.com/advisories/21270	SECUNIA
13	http://secunia.com/advisories/21275	SECUNIA
14	http://secunia.com/advisories/21336	SECUNIA
15	http://secunia.com/advisories/21343	SECUNIA
16	http://secunia.com/advisories/21358	SECUNIA
17	http://secunia.com/advisories/21361	SECUNIA
18	http://secunia.com/advisories/21529	SECUNIA
19	http://secunia.com/advisories/21532	SECUNIA
20	http://secunia.com/advisories/21607	SECUNIA
21	http://secunia.com/advisories/21631	SECUNIA
22	http://secunia.com/advisories/22055	SECUNIA
23	http://secunia.com/advisories/22065	SECUNIA
24	http://secunia.com/advisories/22066	SECUNIA
25	http://secunia.com/advisories/22210	SECUNIA
26	http://security.gentoo.org/glsa/glsa-200608-02.xml	GENTOO
27	http://security.gentoo.org/glsa/glsa-200608-04.xml	GENTOO
28	http://securitytracker.com/id?1016586	SECTRACK
29	http://securitytracker.com/id?1016587	SECTRACK
30	http://securitytracker.com/id?1016588	SECTRACK
31	http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml	GENTOO
32	http://www.kb.cert.org/vuls/id/265964	CERT-VN	Third Party Advisory US Government Resource
33	http://www.mandriva.com/security/advisories?name=MDKSA-2006:143	MANDRIVA
34	http://www.mandriva.com/security/advisories?name=MDKSA-2006:145	MANDRIVA
35	http://www.mandriva.com/security/advisories?name=MDKSA-2006:146	MANDRIVA
36	http://www.mozilla.org/security/announce/2006/mfsa2006-48.html	CONFIRM
37	http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html	SUSE
38	http://www.redhat.com/support/errata/RHSA-2006-0594.html	REDHAT
39	http://www.redhat.com/support/errata/RHSA-2006-0608.html	REDHAT
40	http://www.redhat.com/support/errata/RHSA-2006-0610.html	REDHAT
41	http://www.redhat.com/support/errata/RHSA-2006-0611.html	REDHAT
42	http://www.securityfocus.com/archive/1/441333/100/0/threaded	BUGTRAQ
43	http://www.securityfocus.com/archive/1/446657/100/200/threaded	HP
44	http://www.securityfocus.com/archive/1/446658/100/200/threaded	HP
45	http://www.securityfocus.com/bid/19181	BID	Patch
46	http://www.ubuntu.com/usn/usn-350-1	UBUNTU
47	http://www.ubuntu.com/usn/usn-354-1	UBUNTU
48	http://www.us-cert.gov/cas/techalerts/TA06-208A.html	CERT	US Government Resource
49	http://www.vupen.com/english/advisories/2006/2998	VUPEN
50	http://www.vupen.com/english/advisories/2006/3748	VUPEN
51	http://www.vupen.com/english/advisories/2006/3749	VUPEN
52	http://www.vupen.com/english/advisories/2008/0083	VUPEN
53	https://exchange.xforce.ibmcloud.com/vulnerabilities/27984	XF
54	https://issues.rpath.com/browse/RPL-536	CONFIRM
55	https://issues.rpath.com/browse/RPL-537	CONFIRM
56	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10635	OVAL
57	https://usn.ubuntu.com/327-1/	UBUNTU
58	https://usn.ubuntu.com/329-1/	UBUNTU

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:mozilla:firefox:1.5:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.1:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.2:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.3:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0::dev:::::
cpe:2.3:a:mozilla:seamonkey:1.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.4:::::::*