CVE Vulnerabilities

CVE-2006-2787

Published: Jun 02, 2006 | Modified: Oct 18, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.

Affected Software

Name Vendor Start Version End Version
Firefox Mozilla 1.5 1.5
Thunderbird Mozilla 1.0.7 1.0.7
Firefox Mozilla 1.0.2 1.0.2
Firefox Mozilla 1.5 1.5
Firefox Mozilla 1.5 1.5
Firefox Mozilla 1.0.4 1.0.4
Firefox Mozilla 1.0.7 1.0.7
Thunderbird Mozilla 1.0 1.0
Thunderbird Mozilla 1.0.1 1.0.1
Thunderbird Mozilla 1.5 1.5
Thunderbird Mozilla 1.0.2 1.0.2
Firefox Mozilla 1.0 1.0
Thunderbird Mozilla 1.5 1.5
Firefox Mozilla 1.0.1 1.0.1
Firefox Mozilla preview_release preview_release
Thunderbird Mozilla 1.0.4 1.0.4
Thunderbird Mozilla 1.0.3 1.0.3
Firefox Mozilla 1.0.3 1.0.3
Thunderbird Mozilla 1.0.6 1.0.6
Thunderbird Mozilla 1.0.5 1.0.5
Thunderbird Mozilla 1.0.5 1.0.5
Firefox Mozilla 1.5.0.1 1.5.0.1
Firefox Mozilla 1.0.5 1.0.5
Firefox Mozilla 1.0.6 1.0.6

References