CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-3811

Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.19

EPSS Ranking 95.1%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2006-3811

Mozilla » Firefox » Version: 1.5

cpe:2.3:a:mozilla:firefox:1.5
Mozilla » Firefox » Version: 1.5.0.1

cpe:2.3:a:mozilla:firefox:1.5.0.1
Mozilla » Firefox » Version: 1.5.0.2

cpe:2.3:a:mozilla:firefox:1.5.0.2
Mozilla » Firefox » Version: 1.5.0.3

cpe:2.3:a:mozilla:firefox:1.5.0.3
Mozilla » Firefox » Version: 1.5.0.4

cpe:2.3:a:mozilla:firefox:1.5.0.4
Mozilla » Seamonkey » Version: 1.0

cpe:2.3:a:mozilla:seamonkey:1.0
Mozilla » Seamonkey » Version: 1.0.1

cpe:2.3:a:mozilla:seamonkey:1.0.1
Mozilla » Seamonkey » Version: 1.0.2

cpe:2.3:a:mozilla:seamonkey:1.0.2
Mozilla » Thunderbird » Version: 1.5

cpe:2.3:a:mozilla:thunderbird:1.5
Mozilla » Thunderbird » Version: 1.5.0.2

cpe:2.3:a:mozilla:thunderbird:1.5.0.2
Mozilla » Thunderbird » Version: 1.5.0.4

cpe:2.3:a:mozilla:thunderbird:1.5.0.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-3811

Products

Pricing

Contact Us