Unrated severityNVD Advisory· Published Jul 27, 2006· Updated Jun 16, 2026
CVE-2006-3807
CVE-2006-3807
Description
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
15cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
- (no CPE)range: <1.5.0.5
cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*
- (no CPE)range: <1.0.3
cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.4:*:*:*:*:*:*:*
- (no CPE)range: <1.5.0.5
Patches
Vulnerability mechanics
References
68- secunia.com/advisories/19873nvdPatchVendor Advisory
- secunia.com/advisories/21216nvdPatchVendor Advisory
- secunia.com/advisories/21228nvdPatchVendor Advisory
- secunia.com/advisories/21229nvdPatchVendor Advisory
- www.securityfocus.com/bid/19181nvdPatch
- www.kb.cert.org/vuls/id/687396nvdThird Party AdvisoryUS Government Resource
- www.mozilla.org/security/announce/2006/mfsa2006-51.htmlnvdVendor Advisory
- www.us-cert.gov/cas/techalerts/TA06-208A.htmlnvdUS Government Resource
- patches.sgi.com/support/free/security/advisories/20060703-01-U.ascnvd
- rhn.redhat.com/errata/RHSA-2006-0609.htmlnvd
- secunia.com/advisories/21243nvd
- secunia.com/advisories/21246nvd
- secunia.com/advisories/21250nvd
- secunia.com/advisories/21262nvd
- secunia.com/advisories/21269nvd
- secunia.com/advisories/21270nvd
- secunia.com/advisories/21275nvd
- secunia.com/advisories/21336nvd
- secunia.com/advisories/21343nvd
- secunia.com/advisories/21358nvd
- secunia.com/advisories/21361nvd
- secunia.com/advisories/21529nvd
- secunia.com/advisories/21532nvd
- secunia.com/advisories/21607nvd
- secunia.com/advisories/21631nvd
- secunia.com/advisories/21634nvd
- secunia.com/advisories/21654nvd
- secunia.com/advisories/21675nvd
- secunia.com/advisories/22055nvd
- secunia.com/advisories/22065nvd
- secunia.com/advisories/22066nvd
- secunia.com/advisories/22210nvd
- secunia.com/advisories/22342nvd
- security.gentoo.org/glsa/glsa-200608-02.xmlnvd
- security.gentoo.org/glsa/glsa-200608-04.xmlnvd
- securitytracker.com/idnvd
- securitytracker.com/idnvd
- securitytracker.com/idnvd
- sunsolve.sun.com/search/document.donvd
- www.debian.org/security/2006/dsa-1159nvd
- www.debian.org/security/2006/dsa-1160nvd
- www.debian.org/security/2006/dsa-1161nvd
- www.gentoo.org/security/en/glsa/glsa-200608-03.xmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2006_48_seamonkey.htmlnvd
- www.redhat.com/support/errata/RHSA-2006-0594.htmlnvd
- www.redhat.com/support/errata/RHSA-2006-0608.htmlnvd
- www.redhat.com/support/errata/RHSA-2006-0610.htmlnvd
- www.redhat.com/support/errata/RHSA-2006-0611.htmlnvd
- www.securityfocus.com/archive/1/441333/100/0/threadednvd
- www.securityfocus.com/archive/1/446657/100/200/threadednvd
- www.securityfocus.com/archive/1/446658/100/200/threadednvd
- www.ubuntu.com/usn/usn-350-1nvd
- www.ubuntu.com/usn/usn-354-1nvd
- www.ubuntu.com/usn/usn-361-1nvd
- www.vupen.com/english/advisories/2006/2998nvd
- www.vupen.com/english/advisories/2006/3748nvd
- www.vupen.com/english/advisories/2006/3749nvd
- www.vupen.com/english/advisories/2007/0058nvd
- www.vupen.com/english/advisories/2008/0083nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/27988nvd
- issues.rpath.com/browse/RPL-536nvd
- issues.rpath.com/browse/RPL-537nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10374nvd
- usn.ubuntu.com/327-1/nvd
- usn.ubuntu.com/329-1/nvd
News mentions
0No linked articles in our index yet.