CVE Reference: CVE-2006-3801

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2006-3801

Description:
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 does not properly clear a JavaScript reference to a frame or window, which leaves a pointer to a deleted object that allows remote attackers to execute arbitrary native code.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/27980

UBUNTU
  http://www.ubuntulinux.org/support/documentation/usn/usn-327-1
  http://www.ubuntu.com/usn/usn-354-1

SUSE
  http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html

ST
  1016588
  1016586
  1016587

SGI

SAID
  Secunia Advisory: SA21631
  Secunia Advisory: SA21532
  Secunia Advisory: SA21529
  Secunia Advisory: SA21343
  Secunia Advisory: SA21262
  Secunia Advisory: SA21250
  Secunia Advisory: SA21361
  Secunia Advisory: SA21358
  Secunia Advisory: SA21336
  Secunia Advisory: SA21270
  Secunia Advisory: SA21269
  Secunia Advisory: SA21243
  Secunia Advisory: SA21246
  Secunia Advisory: SA21229
  Secunia Advisory: SA21228
  Secunia Advisory: SA21216
  Secunia Advisory: SA19873
  Secunia Advisory: SA22210
  Secunia Advisory: SA22065
  Secunia Advisory: SA22066

REDHAT
  http://www.redhat.com/support/errata/RHSA-2006-0594.html
  http://rhn.redhat.com/errata/RHSA-2006-0609.html
  http://www.redhat.com/support/errata/RHSA-2006-0608.html
  http://www.redhat.com/support/errata/RHSA-2006-0610.html
  http://www.redhat.com/support/errata/RHSA-2006-0611.html

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11501

MANDRIVA
  http://www.mandriva.com/security/advisories?name=MDKSA-2006:145
  http://www.mandriva.com/security/advisories?name=MDKSA-2006:143

HP
  http://www.securityfocus.com/archive/1/archive/1/446658/100/200/threaded
  http://www.securityfocus.com/archive/1/archive/1/446657/100/200/threaded

GENTOO
  http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml
  http://security.gentoo.org/glsa/glsa-200608-02.xml

CONFIRM
  http://www.mozilla.org/security/announce/2006/mfsa2006-44.html

CERT-VN
  476724

CERT
  http://www.us-cert.gov/cas/techalerts/TA06-208A.html

BUGTRAQ
  http://www.securityfocus.com/archive/1/archive/1/441333/100/0/threaded

BID
  19181


Return to the previous page.