Home > Vulnerability Database > CVE-2006-3806

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2006-3806

Date: July 27, 2006

Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."

Severity Score

7.3

Related Resources (72)

Url: http://www.securityfocus.com/archive/1/446657/100/200/threaded

Url: http://www.debian.org/security/2006/dsa-1159

Url: http://www.securityfocus.com/archive/1/441333/100/0/threaded

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11232

Url: http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html

Url: http://www.securityfocus.com/bid/19181

Url: http://www.redhat.com/support/errata/RHSA-2006-0608.html

Url: https://access.redhat.com/security/cve/CVE-2006-3806

Url: http://www.vupen.com/english/advisories/2007/0058

Url: http://www.redhat.com/support/errata/RHSA-2006-0611.html

Url: http://secunia.com/advisories/21532

Url: http://www.securityfocus.com/archive/1/446658/100/200/threaded

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1

Url: http://secunia.com/advisories/21336

Url: http://www.redhat.com/support/errata/RHSA-2006-0610.html

Url: http://secunia.com/advisories/21654

Url: http://secunia.com/advisories/21216

Url: http://www.redhat.com/support/errata/RHSA-2006-0594.html

Url: http://www.vupen.com/english/advisories/2006/3749

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2006-3806

Url: http://secunia.com/advisories/21250

Url: http://secunia.com/advisories/22065

Url: http://www.vupen.com/english/advisories/2006/3748

Url: http://secunia.com/advisories/22342

Url: http://secunia.com/advisories/22066

Url: http://www.mozilla.org/security/announce/2006/mfsa2006-50.html

Url: http://securitytracker.com/id?1016587

Url: http://securitytracker.com/id?1016588

Url: https://issues.rpath.com/browse/RPL-536

Url: http://securitytracker.com/id?1016586

Url: https://issues.rpath.com/browse/RPL-537

Url: ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/27987

Url: http://secunia.com/advisories/21269

Url: https://usn.ubuntu.com/327-1/

Url: http://www.ubuntu.com/usn/usn-361-1

Url: http://secunia.com/advisories/21228

Url: http://secunia.com/advisories/21229

Url: http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml

Url: http://www.debian.org/security/2006/dsa-1160

Url: http://www.debian.org/security/2006/dsa-1161

Url: http://secunia.com/advisories/21262

Url: http://secunia.com/advisories/21343

Url: http://www.us-cert.gov/cas/techalerts/TA06-208A.html

Url: http://secunia.com/advisories/19873

Url: http://www.vupen.com/english/advisories/2008/0083

Url: http://secunia.com/advisories/21631

Url: http://secunia.com/advisories/21675

Url: http://www.ubuntu.com/usn/usn-354-1

Url: http://security.gentoo.org/glsa/glsa-200608-02.xml

Url: http://secunia.com/advisories/21358

Url: http://www.ubuntu.com/usn/usn-350-1

Url: http://secunia.com/advisories/21634

Url: http://secunia.com/advisories/21270

Url: http://www.vupen.com/english/advisories/2006/2998

Url: http://secunia.com/advisories/21275

Url: http://rhn.redhat.com/errata/RHSA-2006-0609.html

Url: http://secunia.com/advisories/21529

Url: http://secunia.com/advisories/21607

Url: http://www.kb.cert.org/vuls/id/655892

Url: https://usn.ubuntu.com/329-1/

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-3806

Url: http://secunia.com/advisories/21246

Url: http://security.gentoo.org/glsa/glsa-200608-04.xml

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:143

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:145

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:146

Url: http://secunia.com/advisories/21361

Url: http://secunia.com/advisories/22210

Url: http://secunia.com/advisories/22055

Url: http://secunia.com/advisories/21243

Url: https://www.mend.io/vulnerability-database/CVE-2006-3806

Severity Score

7.3

Weakness Type (CWE)

Numeric Errors

CWE-189

CVSS v3.1

Base Score:	7.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	7.5
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Do you need more information?

Contact Us