Unrated severityNVD Advisory· Published Jul 27, 2006· Updated Jun 16, 2026
CVE-2006-3806
CVE-2006-3806
Description
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
15cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
- (no CPE)range: <1.5.0.5
cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*
- (no CPE)range: <1.0.3
cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.4:*:*:*:*:*:*:*
- (no CPE)range: <1.5.0.5
Patches
Vulnerability mechanics
References
68- secunia.com/advisories/19873nvdPatchVendor Advisory
- secunia.com/advisories/21216nvdPatchVendor Advisory
- secunia.com/advisories/21228nvdPatchVendor Advisory
- secunia.com/advisories/21229nvdPatchVendor Advisory
- www.securityfocus.com/bid/19181nvdPatch
- rhn.redhat.com/errata/RHSA-2006-0609.htmlnvdVendor Advisory
- secunia.com/advisories/21243nvdVendor Advisory
- secunia.com/advisories/21246nvdVendor Advisory
- secunia.com/advisories/21250nvdVendor Advisory
- secunia.com/advisories/21262nvdVendor Advisory
- secunia.com/advisories/21269nvdVendor Advisory
- secunia.com/advisories/21270nvdVendor Advisory
- secunia.com/advisories/21275nvdVendor Advisory
- secunia.com/advisories/21336nvdVendor Advisory
- secunia.com/advisories/21343nvdVendor Advisory
- secunia.com/advisories/21358nvdVendor Advisory
- secunia.com/advisories/21361nvdVendor Advisory
- secunia.com/advisories/21529nvdVendor Advisory
- secunia.com/advisories/21532nvdVendor Advisory
- secunia.com/advisories/21607nvdVendor Advisory
- secunia.com/advisories/21631nvdVendor Advisory
- secunia.com/advisories/21634nvdVendor Advisory
- secunia.com/advisories/21654nvdVendor Advisory
- secunia.com/advisories/21675nvdVendor Advisory
- www.kb.cert.org/vuls/id/655892nvdThird Party AdvisoryUS Government Resource
- www.mozilla.org/security/announce/2006/mfsa2006-50.htmlnvdVendor Advisory
- www.redhat.com/support/errata/RHSA-2006-0608.htmlnvdVendor Advisory
- www.redhat.com/support/errata/RHSA-2006-0610.htmlnvdVendor Advisory
- www.redhat.com/support/errata/RHSA-2006-0611.htmlnvdVendor Advisory
- www.us-cert.gov/cas/techalerts/TA06-208A.htmlnvdUS Government Resource
- patches.sgi.com/support/free/security/advisories/20060703-01-U.ascnvd
- secunia.com/advisories/22055nvd
- secunia.com/advisories/22065nvd
- secunia.com/advisories/22066nvd
- secunia.com/advisories/22210nvd
- secunia.com/advisories/22342nvd
- security.gentoo.org/glsa/glsa-200608-02.xmlnvd
- security.gentoo.org/glsa/glsa-200608-04.xmlnvd
- securitytracker.com/idnvd
- securitytracker.com/idnvd
- securitytracker.com/idnvd
- sunsolve.sun.com/search/document.donvd
- www.debian.org/security/2006/dsa-1159nvd
- www.debian.org/security/2006/dsa-1160nvd
- www.debian.org/security/2006/dsa-1161nvd
- www.gentoo.org/security/en/glsa/glsa-200608-03.xmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2006_48_seamonkey.htmlnvd
- www.redhat.com/support/errata/RHSA-2006-0594.htmlnvd
- www.securityfocus.com/archive/1/441333/100/0/threadednvd
- www.securityfocus.com/archive/1/446657/100/200/threadednvd
- www.securityfocus.com/archive/1/446658/100/200/threadednvd
- www.ubuntu.com/usn/usn-350-1nvd
- www.ubuntu.com/usn/usn-354-1nvd
- www.ubuntu.com/usn/usn-361-1nvd
- www.vupen.com/english/advisories/2006/2998nvd
- www.vupen.com/english/advisories/2006/3748nvd
- www.vupen.com/english/advisories/2006/3749nvd
- www.vupen.com/english/advisories/2007/0058nvd
- www.vupen.com/english/advisories/2008/0083nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/27987nvd
- issues.rpath.com/browse/RPL-536nvd
- issues.rpath.com/browse/RPL-537nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11232nvd
- usn.ubuntu.com/327-1/nvd
- usn.ubuntu.com/329-1/nvd
News mentions
0No linked articles in our index yet.