Lucene search

[email protected]CVE-2006-1734

HistoryApr 14, 2006 - 10:02 a.m.

CVE-2006-1734

2006-04-1410:02:00

[email protected]

web.nvd.nist.gov

cve-2006-1734

mozilla firefox

thunderbird

remote code execution

security vulnerability

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.973 High

EPSS

Percentile

99.9%

JSON

Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using the Object.watch method to access the “clone parent” internal function.

Affected configurations

NVD

Node

mozillafirefoxRange≤1.0.7

mozillafirefoxMatch1.0

mozillafirefoxMatch1.0.1

mozillafirefoxMatch1.0.2

mozillafirefoxMatch1.0.3

mozillafirefoxMatch1.0.4

mozillafirefoxMatch1.0.5

mozillafirefoxMatch1.0.6

mozillafirefoxMatch1.5

mozillafirefoxMatch1.5beta1

mozillafirefoxMatch1.5beta2

mozillamozilla_suiteRange≤1.7.12

mozillamozilla_suiteMatch1.7.6

mozillamozilla_suiteMatch1.7.7

mozillamozilla_suiteMatch1.7.8

mozillamozilla_suiteMatch1.7.10

mozillamozilla_suiteMatch1.7.11

mozillaseamonkeyRange≤1.0beta

mozillaseamonkeyMatch1.0alpha

mozillathunderbirdRange≤1.0.7

mozillathunderbirdMatch1.0

mozillathunderbirdMatch1.0.1

mozillathunderbirdMatch1.0.2

mozillathunderbirdMatch1.0.3

mozillathunderbirdMatch1.0.4

mozillathunderbirdMatch1.0.5

mozillathunderbirdMatch1.0.5beta

mozillathunderbirdMatch1.0.6

mozillathunderbirdMatch1.5

mozillathunderbirdMatch1.5beta2

CPENameOperatorVersion
mozilla:firefoxmozilla firefoxle1.0.7
mozilla:firefoxmozilla firefoxeq1.0
mozilla:firefoxmozilla firefoxeq1.0.1
mozilla:firefoxmozilla firefoxeq1.0.2
mozilla:firefoxmozilla firefoxeq1.0.3
mozilla:firefoxmozilla firefoxeq1.0.4
mozilla:firefoxmozilla firefoxeq1.0.5
mozilla:firefoxmozilla firefoxeq1.0.6
mozilla:firefoxmozilla firefoxeq1.5
mozilla:mozilla_suitemozilla mozilla suitele1.7.12

CPE	Name	Operator	Version
mozilla:firefox	mozilla firefox	le	1.0.7
mozilla:firefox	mozilla firefox	eq	1.0
mozilla:firefox	mozilla firefox	eq	1.0.1
mozilla:firefox	mozilla firefox	eq	1.0.2
mozilla:firefox	mozilla firefox	eq	1.0.3
mozilla:firefox	mozilla firefox	eq	1.0.4
mozilla:firefox	mozilla firefox	eq	1.0.5
mozilla:firefox	mozilla firefox	eq	1.0.6
mozilla:firefox	mozilla firefox	eq	1.5
mozilla:mozilla_suite	mozilla mozilla suite	le	1.7.12

Rows per page:

1-10 of 251

References

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt

ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc

lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html

secunia.com/advisories/19631

secunia.com/advisories/19696

secunia.com/advisories/19714

secunia.com/advisories/19721

secunia.com/advisories/19729

secunia.com/advisories/19746

secunia.com/advisories/19759

secunia.com/advisories/19780

secunia.com/advisories/19794

secunia.com/advisories/19811

secunia.com/advisories/19821

secunia.com/advisories/19823

secunia.com/advisories/19852

secunia.com/advisories/19862

secunia.com/advisories/19863

secunia.com/advisories/19902

secunia.com/advisories/19941

secunia.com/advisories/19950

secunia.com/advisories/20051

secunia.com/advisories/21033

secunia.com/advisories/21622

sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1

sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1

support.avaya.com/elmodocs2/security/ASA-2006-205.htm

www.debian.org/security/2006/dsa-1044

www.debian.org/security/2006/dsa-1046

www.debian.org/security/2006/dsa-1051

www.gentoo.org/security/en/glsa/glsa-200604-12.xml

www.gentoo.org/security/en/glsa/glsa-200604-18.xml

www.gentoo.org/security/en/glsa/glsa-200605-09.xml

www.kb.cert.org/vuls/id/842094

www.mandriva.com/security/advisories?name=MDKSA-2006:075

www.mandriva.com/security/advisories?name=MDKSA-2006:076

www.mandriva.com/security/advisories?name=MDKSA-2006:078

www.mozilla.org/security/announce/2006/mfsa2006-15.html

www.novell.com/linux/security/advisories/2006_04_25.html

www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html

www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html

www.redhat.com/support/errata/RHSA-2006-0328.html

www.redhat.com/support/errata/RHSA-2006-0329.html

www.redhat.com/support/errata/RHSA-2006-0330.html

www.securityfocus.com/archive/1/434524/100/0/threaded

www.securityfocus.com/archive/1/436296/100/0/threaded

www.securityfocus.com/archive/1/436338/100/0/threaded

www.securityfocus.com/archive/1/438730/100/0/threaded

www.securityfocus.com/bid/17516

www.us-cert.gov/cas/techalerts/TA06-107A.html

www.vupen.com/english/advisories/2006/1356

exchange.xforce.ibmcloud.com/vulnerabilities/25816

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10755

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1247

usn.ubuntu.com/271-1/

usn.ubuntu.com/275-1/

usn.ubuntu.com/276-1/

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.973 High

EPSS

Percentile

99.9%

JSON

Related for CVE-2006-1734

nvd1 debiancve1 cert1 mozilla1 ubuntucve1 prion1 cvelist1 securityvulns1 nessus34 openvas16 ubuntu3 centos4 redhat3 suse3 gentoo3 debian8 osv3 freebsd1