CVE-2006-3806
Published: 27 July 2006
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."
Priority
Status
Package | Release | Status |
---|---|---|
firefox Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
firefox-granparadiso Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
lightning-sunbird Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
midbrowser Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
mozilla-thunderbird Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
xulrunner Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|