Unrated severityNVD Advisory· Published Apr 14, 2006· Updated Apr 16, 2026
CVE-2006-1735
CVE-2006-1735
Description
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.
Affected products
30cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <=1.0.7
- cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*range: <=1.7.12
- cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:*:beta:*:*:*:*:*:*range: <=1.0
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*range: <=1.0.7
- cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
57- www.mozilla.org/security/announce/2006/mfsa2006-14.htmlnvdExploit
- secunia.com/advisories/19714nvdVendor Advisory
- secunia.com/advisories/19721nvdVendor Advisory
- secunia.com/advisories/19746nvdVendor Advisory
- secunia.com/advisories/19811nvdVendor Advisory
- secunia.com/advisories/19823nvdVendor Advisory
- secunia.com/advisories/19852nvdVendor Advisory
- secunia.com/advisories/19862nvdVendor Advisory
- secunia.com/advisories/19863nvdVendor Advisory
- secunia.com/advisories/19902nvdVendor Advisory
- secunia.com/advisories/19941nvdVendor Advisory
- secunia.com/advisories/19950nvdVendor Advisory
- secunia.com/advisories/21033nvdVendor Advisory
- secunia.com/advisories/21622nvdVendor Advisory
- www.kb.cert.org/vuls/id/813230nvdUS Government Resource
- www.us-cert.gov/cas/techalerts/TA06-107A.htmlnvdUS Government Resource
- ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txtnvd
- patches.sgi.com/support/free/security/advisories/20060404-01-U.ascnvd
- lists.suse.com/archive/suse-security-announce/2006-Apr/0003.htmlnvd
- secunia.com/advisories/19631nvd
- secunia.com/advisories/19696nvd
- secunia.com/advisories/19729nvd
- secunia.com/advisories/19759nvd
- secunia.com/advisories/19780nvd
- secunia.com/advisories/19794nvd
- secunia.com/advisories/19821nvd
- secunia.com/advisories/20051nvd
- sunsolve.sun.com/search/document.donvd
- sunsolve.sun.com/search/document.donvd
- support.avaya.com/elmodocs2/security/ASA-2006-205.htmnvd
- www.debian.org/security/2006/dsa-1044nvd
- www.debian.org/security/2006/dsa-1046nvd
- www.debian.org/security/2006/dsa-1051nvd
- www.gentoo.org/security/en/glsa/glsa-200604-12.xmlnvd
- www.gentoo.org/security/en/glsa/glsa-200604-18.xmlnvd
- www.gentoo.org/security/en/glsa/glsa-200605-09.xmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2006_04_25.htmlnvd
- www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.htmlnvd
- www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.htmlnvd
- www.redhat.com/support/errata/RHSA-2006-0328.htmlnvd
- www.redhat.com/support/errata/RHSA-2006-0329.htmlnvd
- www.redhat.com/support/errata/RHSA-2006-0330.htmlnvd
- www.securityfocus.com/archive/1/434524/100/0/threadednvd
- www.securityfocus.com/archive/1/436296/100/0/threadednvd
- www.securityfocus.com/archive/1/436338/100/0/threadednvd
- www.securityfocus.com/archive/1/438730/100/0/threadednvd
- www.securityfocus.com/bid/17516nvd
- www.vupen.com/english/advisories/2006/1356nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/25815nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1037nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10930nvd
- usn.ubuntu.com/271-1/nvd
- usn.ubuntu.com/275-1/nvd
- usn.ubuntu.com/276-1/nvd
News mentions
0No linked articles in our index yet.