Home > Vulnerability Database > CVE-2006-3809

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2006-3809

Date: July 27, 2006

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a privileged context.

Severity Score

7.3

Related Resources (68)

Url: http://www.securityfocus.com/archive/1/446657/100/200/threaded

Url: http://www.debian.org/security/2006/dsa-1159

Url: http://www.securityfocus.com/archive/1/441333/100/0/threaded

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2006-3809

Url: http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html

Url: http://www.securityfocus.com/bid/19181

Url: http://www.redhat.com/support/errata/RHSA-2006-0608.html

Url: https://access.redhat.com/security/cve/CVE-2006-3809

Url: http://www.redhat.com/support/errata/RHSA-2006-0611.html

Url: http://secunia.com/advisories/21532

Url: http://www.securityfocus.com/archive/1/446658/100/200/threaded

Url: http://secunia.com/advisories/21336

Url: http://www.redhat.com/support/errata/RHSA-2006-0610.html

Url: http://secunia.com/advisories/21654

Url: http://secunia.com/advisories/21216

Url: http://www.redhat.com/support/errata/RHSA-2006-0594.html

Url: http://www.vupen.com/english/advisories/2006/3749

Url: http://secunia.com/advisories/21250

Url: http://secunia.com/advisories/22065

Url: http://www.vupen.com/english/advisories/2006/3748

Url: http://secunia.com/advisories/22342

Url: http://secunia.com/advisories/22066

Url: http://www.mozilla.org/security/announce/2006/mfsa2006-53.html

Url: http://securitytracker.com/id?1016587

Url: http://securitytracker.com/id?1016588

Url: https://issues.rpath.com/browse/RPL-536

Url: http://securitytracker.com/id?1016586

Url: https://issues.rpath.com/browse/RPL-537

Url: ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc

Url: http://secunia.com/advisories/21269

Url: https://usn.ubuntu.com/327-1/

Url: http://www.ubuntu.com/usn/usn-361-1

Url: http://secunia.com/advisories/21228

Url: http://secunia.com/advisories/21229

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/27990

Url: http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml

Url: http://www.debian.org/security/2006/dsa-1160

Url: http://www.debian.org/security/2006/dsa-1161

Url: http://secunia.com/advisories/21262

Url: http://secunia.com/advisories/21343

Url: http://secunia.com/advisories/19873

Url: http://www.vupen.com/english/advisories/2008/0083

Url: http://secunia.com/advisories/21631

Url: http://secunia.com/advisories/21675

Url: http://www.ubuntu.com/usn/usn-354-1

Url: http://security.gentoo.org/glsa/glsa-200608-02.xml

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9753

Url: http://secunia.com/advisories/21358

Url: http://www.ubuntu.com/usn/usn-350-1

Url: http://secunia.com/advisories/21634

Url: http://secunia.com/advisories/21270

Url: http://www.vupen.com/english/advisories/2006/2998

Url: http://secunia.com/advisories/21275

Url: http://rhn.redhat.com/errata/RHSA-2006-0609.html

Url: http://secunia.com/advisories/21529

Url: http://secunia.com/advisories/21607

Url: https://usn.ubuntu.com/329-1/

Url: http://secunia.com/advisories/21246

Url: http://security.gentoo.org/glsa/glsa-200608-04.xml

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:143

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:145

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:146

Url: http://secunia.com/advisories/21361

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-3809

Url: http://secunia.com/advisories/22210

Url: http://secunia.com/advisories/22055

Url: http://secunia.com/advisories/21243

Url: https://www.mend.io/vulnerability-database/CVE-2006-3809

Severity Score

7.3

CVSS v3.1

Base Score:	7.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	7.5
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Do you need more information?

Contact Us