Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2776

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-2776
Last Modified 07 Mar 2011 09:37:00
Published 02 Jun 2006 02:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2776

Summary

Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined setters on an object prototype, which allows remote attackers to execute code at a higher privilege than intended.

Vulnerable Systems

Application

  • Mozilla Firefox 0.10

  • Mozilla Firefox 0.10.1

  • Mozilla Firefox 0.8

  • Mozilla Firefox 0.9

  • Mozilla Firefox 0.9.1

  • Mozilla Firefox 0.9.2

  • Mozilla Firefox 0.9.3

  • Mozilla Firefox 1.0

  • Mozilla Firefox 1.0.1

  • Mozilla Firefox 1.0.2

  • Mozilla Firefox 1.0.3

  • Mozilla Firefox 1.0.4

  • Mozilla Firefox 1.0.5

  • Mozilla Firefox 1.0.6

  • Mozilla Firefox 1.0.7

  • Mozilla Firefox 1.5

  • Mozilla Firefox 1.5.0.1

  • Mozilla Firefox 1.5.0.2

  • Mozilla Firefox 1.5.0.3

  • Mozilla Thunderbird 0.1

  • Mozilla Thunderbird 0.2

  • Mozilla Thunderbird 0.3

  • Mozilla Thunderbird 0.4

  • Mozilla Thunderbird 0.5

  • Mozilla Thunderbird 0.6

  • Mozilla Thunderbird 0.7

  • Mozilla Thunderbird 0.7.1

  • Mozilla Thunderbird 0.7.2

  • Mozilla Thunderbird 0.7.3

  • Mozilla Thunderbird 0.8

  • Mozilla Thunderbird 0.9

  • Mozilla Thunderbird 1.0

  • Mozilla Thunderbird 1.0.1

  • Mozilla Thunderbird 1.0.2

  • Mozilla Thunderbird 1.0.3

  • Mozilla Thunderbird 1.0.4

  • Mozilla Thunderbird 1.0.5

  • Mozilla Thunderbird 1.0.6

  • Mozilla Thunderbird 1.0.7

  • Mozilla Thunderbird 1.5

  • Mozilla Thunderbird 1.5.0.1


References

CERT-VN - VU#575969

CERT - TA06-153A

CONFIRM - http://www.mozilla.org/security/announce/2006/mfsa2006-37.html

VUPEN - ADV-2008-0083

VUPEN - ADV-2007-0573

VUPEN - ADV-2006-3749

VUPEN - ADV-2006-3748

VUPEN - ADV-2006-2106

HP - SSRT061181

HP - HPSBUX02156

XF - mozilla-contentdefined-code-execution(26848)

UBUNTU - USN-323-1

UBUNTU - USN-297-3

UBUNTU - USN-297-1

UBUNTU - USN-296-2

UBUNTU - USN-296-1

BID - 18228

HP - HPSBUX02153

HP - SSRT061236

BUGTRAQ - 20060602 rPSA-2006-0091-1 firefox thunderbird

REDHAT - RHSA-2006:0611

REDHAT - RHSA-2006:0610

REDHAT - RHSA-2006:0594

REDHAT - RHSA-2006:0578

SUSE - SUSE-SA:2006:035

MANDRIVA - MDKSA-2006:146

MANDRIVA - MDKSA-2006:145

MANDRIVA - MDKSA-2006:143

GENTOO - GLSA-200606-21

GENTOO - GLSA-200606-12

DEBIAN - DSA-1134

DEBIAN - DSA-1120

DEBIAN - DSA-1118

SUNALERT - 102800

SECTRACK - 1016214

SECTRACK - 1016202

SECUNIA - 24108

SECUNIA - 22066

SECUNIA - 22065

SECUNIA - 21631

SECUNIA - 21607

SECUNIA - 21532

SECUNIA - 21336

SECUNIA - 21324

SECUNIA - 21270

SECUNIA - 21269

SECUNIA - 21210

SECUNIA - 21188

SECUNIA - 21183

SECUNIA - 21178

SECUNIA - 21176

SECUNIA - 21134

SECUNIA - 20709

SECUNIA - 20561

SECUNIA - 20382

SECUNIA - 20376

REDHAT - RHSA-2006:0609


Last Updated: 27 May 2016 10:42:46