CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-3806

Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.296

EPSS Ranking 96.4%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2006-3806

Mozilla » Firefox » Version: 1.5

cpe:2.3:a:mozilla:firefox:1.5
Mozilla » Firefox » Version: 1.5.0.1

cpe:2.3:a:mozilla:firefox:1.5.0.1
Mozilla » Firefox » Version: 1.5.0.2

cpe:2.3:a:mozilla:firefox:1.5.0.2
Mozilla » Firefox » Version: 1.5.0.3

cpe:2.3:a:mozilla:firefox:1.5.0.3
Mozilla » Firefox » Version: 1.5.0.4

cpe:2.3:a:mozilla:firefox:1.5.0.4
Mozilla » Seamonkey » Version: 1.0

cpe:2.3:a:mozilla:seamonkey:1.0
Mozilla » Seamonkey » Version: 1.0.1

cpe:2.3:a:mozilla:seamonkey:1.0.1
Mozilla » Seamonkey » Version: 1.0.2

cpe:2.3:a:mozilla:seamonkey:1.0.2
Mozilla » Thunderbird » Version: 1.5

cpe:2.3:a:mozilla:thunderbird:1.5
Mozilla » Thunderbird » Version: 1.5.0.2

cpe:2.3:a:mozilla:thunderbird:1.5.0.2
Mozilla » Thunderbird » Version: 1.5.0.4

cpe:2.3:a:mozilla:thunderbird:1.5.0.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-3806

Products

Pricing

Contact Us