New Search

Mozilla Firefox before 1.5.0.5 Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a privileged context.

oval:org.mitre.oval:def:9753

Mozilla Firefox before 1.5.0.5 Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a privileged context.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 3
  • Oracle Linux 4
  • CentOS Linux 4
  • CentOS Linux 3
  • Red Hat Enterprise Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2006-3809
Product(s):