Unrated severityNVD Advisory· Published Jun 2, 2006· Updated Jun 16, 2026
CVE-2006-2787
CVE-2006-2787
Description
EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
26cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:preview_release:*:*:*:*:*:*:*
- (no CPE)range: < 1.5.0.4
cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*
- (no CPE)range: < 1.5.0.4
Patches
Vulnerability mechanics
References
51- www.mozilla.org/security/announce/2006/mfsa2006-31.htmlnvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2006-0609.htmlnvd
- secunia.com/advisories/20376nvd
- secunia.com/advisories/20382nvd
- secunia.com/advisories/20561nvd
- secunia.com/advisories/20709nvd
- secunia.com/advisories/21134nvd
- secunia.com/advisories/21176nvd
- secunia.com/advisories/21178nvd
- secunia.com/advisories/21183nvd
- secunia.com/advisories/21188nvd
- secunia.com/advisories/21210nvd
- secunia.com/advisories/21269nvd
- secunia.com/advisories/21270nvd
- secunia.com/advisories/21324nvd
- secunia.com/advisories/21336nvd
- secunia.com/advisories/21532nvd
- secunia.com/advisories/21607nvd
- secunia.com/advisories/21631nvd
- secunia.com/advisories/22065nvd
- secunia.com/advisories/22066nvd
- securitytracker.com/idnvd
- securitytracker.com/idnvd
- www.debian.org/security/2006/dsa-1118nvd
- www.debian.org/security/2006/dsa-1120nvd
- www.debian.org/security/2006/dsa-1134nvd
- www.gentoo.org/security/en/glsa/glsa-200606-12.xmlnvd
- www.gentoo.org/security/en/glsa/glsa-200606-21.xmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2006_35_mozilla.htmlnvd
- www.redhat.com/support/errata/RHSA-2006-0578.htmlnvd
- www.redhat.com/support/errata/RHSA-2006-0594.htmlnvd
- www.redhat.com/support/errata/RHSA-2006-0610.htmlnvd
- www.redhat.com/support/errata/RHSA-2006-0611.htmlnvd
- www.securityfocus.com/archive/1/435795/100/0/threadednvd
- www.securityfocus.com/archive/1/446657/100/200/threadednvd
- www.securityfocus.com/archive/1/446658/100/200/threadednvd
- www.securityfocus.com/bid/18228nvd
- www.vupen.com/english/advisories/2006/2106nvd
- www.vupen.com/english/advisories/2006/3748nvd
- www.vupen.com/english/advisories/2006/3749nvd
- www.vupen.com/english/advisories/2008/0083nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/26842nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9491nvd
- usn.ubuntu.com/296-1/nvd
- usn.ubuntu.com/296-2/nvd
- usn.ubuntu.com/297-1/nvd
- usn.ubuntu.com/297-3/nvd
- usn.ubuntu.com/323-1/nvd
News mentions
0No linked articles in our index yet.