VYPR
Unrated severityNVD Advisory· Published Apr 14, 2006· Updated Jun 16, 2026

CVE-2006-1733

CVE-2006-1733

Description

Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute arbitrary code via the (1) valueOf.call or (2) valueOf.apply methods of an XBL binding, or (3) "by inserting an XBL method into the DOM's document.body prototype chain."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

33
  • cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 11 more
    • cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <=1.0.7
    • cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
    • (no CPE)range: <1.5
  • cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*range: <=1.7.12
    • cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*
    • (no CPE)range: <1.7.13
  • cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:*:beta:*:*:*:*:*:*range: <=1.0
  • cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*+ 11 more
    • cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*range: <=1.0.7
    • cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*
    • (no CPE)range: <1.5

Patches

Vulnerability mechanics

References

57

News mentions

0

No linked articles in our index yet.