CVE-2006-2787
https://notcve.org/view.php?id=CVE-2006-2787
EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox. • http://rhn.redhat.com/errata/RHSA-2006-0609.html http://secunia.com/advisories/20376 http://secunia.com/advisories/20382 http://secunia.com/advisories/20561 http://secunia.com/advisories/20709 http://secunia.com/advisories/21134 http://secunia.com/advisories/21176 http://secunia.com/advisories/21178 http://secunia.com/advisories/21183 http://secunia.com/advisories/21188 http://secunia.com/advisories/21210 http://secunia.com/advisories/21269 http://secunia.com/advisories •
CVE-2006-2779
https://notcve.org/view.php?id=CVE-2006-2779
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented tree views," (4) BoxObjects, (5) the XBL implementation, (6) an iframe that attempts to remove itself, which leads to memory corruption. • http://rhn.redhat.com/errata/RHSA-2006-0609.html http://secunia.com/advisories/20376 http://secunia.com/advisories/20382 http://secunia.com/advisories/20561 http://secunia.com/advisories/20709 http://secunia.com/advisories/21134 http://secunia.com/advisories/21176 http://secunia.com/advisories/21178 http://secunia.com/advisories/21183 http://secunia.com/advisories/21188 http://secunia.com/advisories/21210 http://secunia.com/advisories/21269 http://secunia.com/advisories • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2006-1529
https://notcve.org/view.php?id=CVE-2006-1529
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, and CVE-2006-1723 are different. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt http://secunia.com/advisories/19631 http://secunia.com/advisories/19649 http://secunia.com/advisories/19863 http://secunia.com/advisories/19941 http://secunia.com/advisories/21033 http://secunia.com/advisories/22065 http://secunia.com/advisories/22066 http://securitytracker.com/id?1015919 http://securitytracker.com/id?1015920 http://securitytracker.com/id?1015921 http://www.debian.org/security/2006/ds •
CVE-2006-1723
https://notcve.org/view.php?id=CVE-2006-1723
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, and CVE-2006-1723 are different. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt http://secunia.com/advisories/19631 http://secunia.com/advisories/19649 http://secunia.com/advisories/19863 http://secunia.com/advisories/19941 http://secunia.com/advisories/21033 http://secunia.com/advisories/22065 http://secunia.com/advisories/22066 http://securitytracker.com/id?1015919 http://securitytracker.com/id?1015920 http://securitytracker.com/id?1015921 http://www.debian.org/security/2006/ds •
CVE-2006-1726
https://notcve.org/view.php?id=CVE-2006-1726
Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForEach method. • http://secunia.com/advisories/19631 http://secunia.com/advisories/19649 http://secunia.com/advisories/22065 http://secunia.com/advisories/22066 http://securitytracker.com/id?1015931 http://securitytracker.com/id?1015932 http://securitytracker.com/id?1015933 http://www.kb.cert.org/vuls/id/968814 http://www.mozilla.org/security/announce/2006/mfsa2006-28.html http://www.securityfocus.com/archive/1/434524/100/0/threaded http://www.securityfocus.com/archive/1/446657/100/200 • CWE-264: Permissions, Privileges, and Access Controls •