Unrated severityNVD Advisory· Published Jul 27, 2006· Updated Jun 16, 2026
CVE-2006-3811
CVE-2006-3811
Description
Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
15cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
- (no CPE)range: <1.5.0.5
cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*
- (no CPE)range: <1.0.3
cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:1.5.0.4:*:*:*:*:*:*:*
- (no CPE)range: <1.5.0.5
Patches
Vulnerability mechanics
References
65- secunia.com/advisories/19873nvdPatchVendor Advisory
- secunia.com/advisories/21216nvdPatchVendor Advisory
- secunia.com/advisories/21228nvdPatchVendor Advisory
- secunia.com/advisories/21229nvdPatchVendor Advisory
- www.securityfocus.com/bid/19181nvdPatch
- patches.sgi.com/support/free/security/advisories/20060703-01-U.ascnvdVendor Advisory
- secunia.com/advisories/21250nvdVendor Advisory
- secunia.com/advisories/21262nvdVendor Advisory
- secunia.com/advisories/21336nvdVendor Advisory
- secunia.com/advisories/21343nvdVendor Advisory
- secunia.com/advisories/21358nvdVendor Advisory
- secunia.com/advisories/21361nvdVendor Advisory
- secunia.com/advisories/21529nvdVendor Advisory
- www.mozilla.org/security/announce/2006/mfsa2006-55.htmlnvdVendor Advisory
- www.kb.cert.org/vuls/id/527676nvdUS Government Resource
- www.us-cert.gov/cas/techalerts/TA06-208A.htmlnvdUS Government Resource
- rhn.redhat.com/errata/RHSA-2006-0609.htmlnvd
- secunia.com/advisories/21243nvd
- secunia.com/advisories/21246nvd
- secunia.com/advisories/21269nvd
- secunia.com/advisories/21270nvd
- secunia.com/advisories/21275nvd
- secunia.com/advisories/21532nvd
- secunia.com/advisories/21607nvd
- secunia.com/advisories/21631nvd
- secunia.com/advisories/21675nvd
- secunia.com/advisories/22055nvd
- secunia.com/advisories/22065nvd
- secunia.com/advisories/22066nvd
- secunia.com/advisories/22210nvd
- secunia.com/advisories/22342nvd
- secunia.com/advisories/25839nvd
- security.gentoo.org/glsa/glsa-200608-02.xmlnvd
- security.gentoo.org/glsa/glsa-200608-04.xmlnvd
- securitytracker.com/idnvd
- securitytracker.com/idnvd
- securitytracker.com/idnvd
- sunsolve.sun.com/search/document.donvd
- www.debian.org/security/2006/dsa-1161nvd
- www.gentoo.org/security/en/glsa/glsa-200608-03.xmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2006_48_seamonkey.htmlnvd
- www.redhat.com/support/errata/RHSA-2006-0594.htmlnvd
- www.redhat.com/support/errata/RHSA-2006-0608.htmlnvd
- www.redhat.com/support/errata/RHSA-2006-0610.htmlnvd
- www.redhat.com/support/errata/RHSA-2006-0611.htmlnvd
- www.securityfocus.com/archive/1/441333/100/0/threadednvd
- www.securityfocus.com/archive/1/446657/100/200/threadednvd
- www.securityfocus.com/archive/1/446658/100/200/threadednvd
- www.ubuntu.com/usn/usn-350-1nvd
- www.ubuntu.com/usn/usn-354-1nvd
- www.ubuntu.com/usn/usn-361-1nvd
- www.vupen.com/english/advisories/2006/2998nvd
- www.vupen.com/english/advisories/2006/3748nvd
- www.vupen.com/english/advisories/2006/3749nvd
- www.vupen.com/english/advisories/2007/2350nvd
- www.vupen.com/english/advisories/2008/0083nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/27992nvd
- issues.rpath.com/browse/RPL-536nvd
- issues.rpath.com/browse/RPL-537nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9934nvd
- usn.ubuntu.com/327-1/nvd
- usn.ubuntu.com/329-1/nvd
News mentions
0No linked articles in our index yet.