Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2006-3808

Published: 27/07/2006 Updated: 17/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Mozilla

Vulnerability Summary

Mozilla Firefox prior to 1.5.0.5 and SeaMonkey prior to 1.0.3 allows remote Proxy AutoConfig (PAC) servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object.

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla seamonkey 1.0.1

mozilla seamonkey 1.0.2

mozilla firefox 1.5.0.4

mozilla seamonkey 1.0

mozilla firefox 1.5.0.2

mozilla firefox 1.5.0.3

mozilla firefox 1.5

mozilla firefox 1.5.0.1

Vendor Advisories

Ubuntu Security Notice: mozilla vulnerabilities
Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious URL (CVE-2006-2788, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3809, CVE-2006-3811, CVE-2006-4565, CVE-2006-4568, CVE-2006-4571) ...
Ubuntu Security Notice: firefox vulnerabilities
Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious URL (CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3809, CVE-2006-3811, CVE-2006-3812) ...
Debian Security Advisories: DSA-1160-2 mozilla -- several vulnerabilities
The latest security updates of Mozilla introduced a regression that led to a dysfunctional attachment panel which warrants a correction to fix this issue For reference please find below the original advisory text: Several security related problems have been discovered in Mozilla and derived products The Common Vulnerabilities and Exposures proje ...
Debian Security Advisories: DSA-1159-2 mozilla-thunderbird -- several vulnerabilities
The latest security updates of Mozilla Thunderbird introduced a regression that led to a dysfunctional attachment panel which warrants a correction to fix this issue For reference please find below the original advisory text: Several security related problems have been discovered in Mozilla and derived products such as Mozilla Thunderbird The Co ...
Mozilla: PAC privilege escalation using Function.prototype.call
Mozilla Foundation Security Advisory 2006-52 PAC privilege escalation using Functionprototypecall Announced July 25, 2006 Reporter moz_bug_r_a4 Impact Moderate Products Firefox, SeaMonkey Fixed in ...

References

NVD-CWE-Otherhttp://www.mozilla.org/security/announce/2006/mfsa2006-52.htmlhttps://issues.rpath.com/browse/RPL-536http://www.securityfocus.com/bid/19181http://securitytracker.com/id?1016586http://securitytracker.com/id?1016587http://securitytracker.com/id?1016588http://secunia.com/advisories/19873http://secunia.com/advisories/21216http://secunia.com/advisories/21229http://www.redhat.com/support/errata/RHSA-2006-0608.htmlhttp://secunia.com/advisories/21246http://www.redhat.com/support/errata/RHSA-2006-0610.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0611.htmlhttp://secunia.com/advisories/21243http://secunia.com/advisories/21269http://secunia.com/advisories/21270http://security.gentoo.org/glsa/glsa-200608-02.xmlhttp://rhn.redhat.com/errata/RHSA-2006-0609.htmlhttp://secunia.com/advisories/21336http://secunia.com/advisories/21361http://www.gentoo.org/security/en/glsa/glsa-200608-03.xmlhttps://issues.rpath.com/browse/RPL-537ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.aschttp://secunia.com/advisories/21250http://secunia.com/advisories/21262http://secunia.com/advisories/21343http://www.novell.com/linux/security/advisories/2006_48_seamonkey.htmlhttp://secunia.com/advisories/21529http://secunia.com/advisories/21532http://www.debian.org/security/2006/dsa-1159http://www.redhat.com/support/errata/RHSA-2006-0594.htmlhttp://secunia.com/advisories/21631http://secunia.com/advisories/21654http://www.debian.org/security/2006/dsa-1160http://www.debian.org/security/2006/dsa-1161http://secunia.com/advisories/21634http://secunia.com/advisories/21675http://www.ubuntu.com/usn/usn-354-1http://secunia.com/advisories/22210http://www.ubuntu.com/usn/usn-361-1http://secunia.com/advisories/22342http://www.mandriva.com/security/advisories?name=MDKSA-2006:143http://www.mandriva.com/security/advisories?name=MDKSA-2006:145http://secunia.com/advisories/22065http://secunia.com/advisories/22066http://www.vupen.com/english/advisories/2006/3749http://www.vupen.com/english/advisories/2006/3748http://www.vupen.com/english/advisories/2008/0083http://www.vupen.com/english/advisories/2006/2998https://exchange.xforce.ibmcloud.com/vulnerabilities/27989https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10845https://usn.ubuntu.com/327-1/http://www.securityfocus.com/archive/1/446658/100/200/threadedhttp://www.securityfocus.com/archive/1/446657/100/200/threadedhttp://www.securityfocus.com/archive/1/441333/100/0/threadedhttps://nvd.nist.govhttps://usn.ubuntu.com/361-1/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook