CVE-2006-1735
Last modified
CVE-2006-1735 is a vulnerability of currently unknown severity. Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.. EPSS estimates a 8.98% chance of exploitation in the next 30 days.
Description
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Mozilla | Firefox | <= 1.0.7 | — |
| Mozilla | Firefox | 1.0 | — |
| Mozilla | Firefox | 1.0.1 | — |
| Mozilla | Firefox | 1.0.2 | — |
| Mozilla | Firefox | 1.0.3 | — |
| Mozilla | Firefox | 1.0.4 | — |
| Mozilla | Firefox | 1.0.5 | — |
| Mozilla | Firefox | 1.0.6 | — |
| Mozilla | Firefox | 1.5 | — |
| Mozilla | Mozilla Suite | <= 1.7.12 | — |
| Mozilla | Mozilla Suite | 1.7.6 | — |
| Mozilla | Mozilla Suite | 1.7.7 | — |
| Mozilla | Mozilla Suite | 1.7.8 | — |
| Mozilla | Mozilla Suite | 1.7.10 | — |
| Mozilla | Mozilla Suite | 1.7.11 | — |
| Mozilla | Seamonkey | <= 1.0 | Beta |
| Mozilla | Seamonkey | 1.0 | — |
| Mozilla | Thunderbird | <= 1.0.7 | — |
| Mozilla | Thunderbird | 1.0 | — |
| Mozilla | Thunderbird | 1.0.1 | — |
| Mozilla | Thunderbird | 1.0.2 | — |
| Mozilla | Thunderbird | 1.0.3 | — |
| Mozilla | Thunderbird | 1.0.4 | — |
| Mozilla | Thunderbird | 1.0.5 | — |
| Mozilla | Thunderbird | 1.0.6 | — |
| Mozilla | Thunderbird | 1.5 | — |
References
- http://secunia.com/advisories/19714Vendor Advisory
- http://secunia.com/advisories/19721Vendor Advisory
- http://secunia.com/advisories/19746Vendor Advisory
- http://secunia.com/advisories/19811Vendor Advisory
- http://secunia.com/advisories/19823Vendor Advisory
- http://secunia.com/advisories/19852Vendor Advisory
- http://secunia.com/advisories/19862Vendor Advisory
- http://secunia.com/advisories/19863Vendor Advisory
- http://secunia.com/advisories/19902Vendor Advisory
- http://secunia.com/advisories/19941Vendor Advisory
- http://secunia.com/advisories/19950Vendor Advisory
- http://secunia.com/advisories/21033Vendor Advisory
- http://secunia.com/advisories/21622Vendor Advisory
- http://www.kb.cert.org/vuls/id/813230US Government Resource
- http://www.us-cert.gov/cas/techalerts/TA06-107A.htmlUS Government Resource
- http://secunia.com/advisories/19714Vendor Advisory
- http://secunia.com/advisories/19721Vendor Advisory
- http://secunia.com/advisories/19746Vendor Advisory
- http://secunia.com/advisories/19811Vendor Advisory
- http://secunia.com/advisories/19823Vendor Advisory
- http://secunia.com/advisories/19852Vendor Advisory
- http://secunia.com/advisories/19862Vendor Advisory
- http://secunia.com/advisories/19863Vendor Advisory
- http://secunia.com/advisories/19902Vendor Advisory
- http://secunia.com/advisories/19941Vendor Advisory
- http://secunia.com/advisories/19950Vendor Advisory
- http://secunia.com/advisories/21033Vendor Advisory
- http://secunia.com/advisories/21622Vendor Advisory
- http://www.kb.cert.org/vuls/id/813230US Government Resource
- http://www.us-cert.gov/cas/techalerts/TA06-107A.htmlUS Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2006-1735?
How severe is CVE-2006-1735?
How do I fix CVE-2006-1735?
Are you affected by CVE-2006-1735?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST