CVE-2006-3804
https://notcve.org/view.php?id=CVE-2006-3804
Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow. Desbordamiento de búfer basado en pila en Mozilla Thunderbird anterior a 1.5.0.5 y SeaMonkey anterior a 1.0.3 permite a atacantes remotos provocar denegación de servicio (caida) a través de una adjunto Vcard con un campo base64 mal formado, lo cual copia más datos que los esperados llevando consigo a un desbordamiento inferior de entero. • ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc http://rhn.redhat.com/errata/RHSA-2006-0609.html http://secunia.com/advisories/21228 http://secunia.com/advisories/21229 http://secunia.com/advisories/21246 http://secunia.com/advisories/21250 http://secunia.com/advisories/21262 http://secunia.com/advisories/21269 http://secunia.com/advisories/21275 http://secunia.com/advisories/21336 http://secunia.com/advisories/21343 http://secunia.com/advisories •
CVE-2006-3803
https://notcve.org/view.php?id=CVE-2006-3803
Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object. Condición de carrera en el colector de basura JavaSCript en Mozilla Firefox 1.5 anterior a 1.5.0.5, Thunderbird anterior a 1.5.0.5, y SeaMonkey anterior a 1.0.3 podría permitir a atacantes remotos ejecutar código de su elección provocando que el colector de basura borra variables temporales mientras todavía se está utilizando durante la creación de un nuevo objeto de la función. • ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc http://rhn.redhat.com/errata/RHSA-2006-0609.html http://secunia.com/advisories/19873 http://secunia.com/advisories/21216 http://secunia.com/advisories/21228 http://secunia.com/advisories/21229 http://secunia.com/advisories/21243 http://secunia.com/advisories/21246 http://secunia.com/advisories/21250 http://secunia.com/advisories/21262 http://secunia.com/advisories/21269 http://secunia.com/advisories •
CVE-2006-3806
https://notcve.org/view.php?id=CVE-2006-3806
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments." Múltiples desbordamientos de búfer de enteros en el motor JavaScript en Mozilla Firefox anterior a 1.5.0.5, Thunderbird anterior a 1.5.0.5, y SeaMonkey anterior a 1.0.3 podrían permitir a atacantes remotos ejecutar código de su elección a través de vectores que afectan a (1) cadena en el método toSource del objeto, objetos Array y String, y (2)"argumentos de cadenas de función" no especificadas. • ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc http://rhn.redhat.com/errata/RHSA-2006-0609.html http://secunia.com/advisories/19873 http://secunia.com/advisories/21216 http://secunia.com/advisories/21228 http://secunia.com/advisories/21229 http://secunia.com/advisories/21243 http://secunia.com/advisories/21246 http://secunia.com/advisories/21250 http://secunia.com/advisories/21262 http://secunia.com/advisories/21269 http://secunia.com/advisories • CWE-189: Numeric Errors •
CVE-2006-3807
https://notcve.org/view.php?id=CVE-2006-3807
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor. Mozilla Firefox anterior a 1.5.0.5, Thunderbird anterior a 1.5.0.5, y SeaMonkey anterior a 1.0.3 permite a atacantes remotos ejecutar código de su elección a través de la secuencia de comandos que cambian el constructor Object() estandar para retornar a la referencia a un objeto privilegiado y la llamada a las "funciones JavaScript" que usa el constructor. • ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc http://rhn.redhat.com/errata/RHSA-2006-0609.html http://secunia.com/advisories/19873 http://secunia.com/advisories/21216 http://secunia.com/advisories/21228 http://secunia.com/advisories/21229 http://secunia.com/advisories/21243 http://secunia.com/advisories/21246 http://secunia.com/advisories/21250 http://secunia.com/advisories/21262 http://secunia.com/advisories/21269 http://secunia.com/advisories •
CVE-2006-3677 – Mozilla Firefox Javascript navigator Object Vulnerability
https://notcve.org/view.php?id=CVE-2006-3677
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution. Mozilla Firefox 1.5 anterior a 1.5.0.5 y SeaMonkey anterior a 1.0.3 permite a atacantes remotos ejecutar código de su elección cambiando ciertas propiedades del objeto de la ventana de navegación (window.navigator) que es accedido cuando comienza Java, lo cual provoca un caida que desemboca en una ejecución de código. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of the Mozilla Firefox web browser. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The flaw exists when assigning specific values to the window.navigator object. A lack of checking on assignment causes user supplied data to be later used in the creation of other objects leading to eventual code execution. • https://www.exploit-db.com/exploits/2082 https://www.exploit-db.com/exploits/9946 https://www.exploit-db.com/exploits/16300 ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc http://rhn.redhat.com/errata/RHSA-2006-0609.html http://secunia.com/advisories/19873 http://secunia.com/advisories/21216 http://secunia.com/advisories/21229 http://secunia.com/advisories/21243 http://secunia.com/advisories/21246 http://secunia.com/advisories/21262 http:/ • CWE-16: Configuration •