VYPR
Unrated severityNVD Advisory· Published Jul 27, 2006· Updated Jun 16, 2026

CVE-2006-3802

CVE-2006-3802

Description

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to hijack native DOM methods from objects in another domain and conduct cross-site scripting (XSS) attacks using DOM methods of the top-level object.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

15
  • cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
    • (no CPE)range: <1.5.0.5
  • cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*
    • (no CPE)range: <1.0.3
  • cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5.0.4:*:*:*:*:*:*:*
    • (no CPE)range: <1.5.0.5

Patches

Vulnerability mechanics

References

56

News mentions

0

No linked articles in our index yet.