CVE-2006-2787

Publication date 2 June 2006

Last updated 24 July 2024


Ubuntu priority

EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.

Status

Package Ubuntu Release Status
firefox 7.04 feisty
Not affected
6.10 edgy
Not affected
6.06 LTS dapper
Fixed 1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1
firefox-granparadiso 7.04 feisty Not in release
6.10 edgy Not in release
6.06 LTS dapper Not in release
lightning-sunbird 7.04 feisty Not in release
6.10 edgy Not in release
6.06 LTS dapper Not in release
midbrowser 7.04 feisty Not in release
6.10 edgy Not in release
6.06 LTS dapper Not in release
mozilla-thunderbird 7.04 feisty
Fixed 1.5.0.13-0ubuntu0.7.04
6.10 edgy
Fixed 1.5.0.13-0ubuntu0.6.10
6.06 LTS dapper
Fixed 1.5.0.13-0ubuntu0.6.06
xulrunner 7.04 feisty
Fixed 1.8.0.5-4.2
6.10 edgy
Fixed 1.8.0.5-4.2
6.06 LTS dapper Not in release

References

Related Ubuntu Security Notices (USN)

    • USN-323-1
    • mozilla vulnerabilities
    • 26 July 2006
    • USN-297-1
    • Thunderbird vulnerabilities
    • 14 June 2006
    • USN-297-3
    • Thunderbird vulnerabilities
    • 26 July 2006
    • USN-296-2
    • Firefox vulnerabilities
    • 25 July 2006
    • USN-296-1
    • firefox vulnerabilities
    • 9 June 2006

Other references