CVE-2006-5747

Published: Nov 8, 2006Modified: Apr 23, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary code via the XML.prototype.hasOwnProperty JavaScript function.

Affected (29)

Products: Mozilla: Firefox, Seamonkey, Thunderbird

3 products

Configuration A

29 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Version 1.5.0.1
Mozilla Firefox	Version 1.5.0.2
Mozilla Firefox	Version 1.5.0.3
Mozilla Firefox	Version 1.5.0.4
Mozilla Firefox	Version 1.5.0.5
Mozilla Firefox	Version 1.5.0.6
Mozilla Firefox	Version 1.5.0.7
Mozilla Firefox	Version 1.5
Mozilla Firefox	Version 1.5 beta1
Mozilla Firefox	Version 1.5 beta2
Mozilla Seamonkey	Version 1.0.1
Mozilla Seamonkey	Version 1.0.2
Mozilla Seamonkey	Version 1.0.3
Mozilla Seamonkey	Version 1.0.5
Mozilla Seamonkey	Version 1.0
Mozilla Seamonkey	Version 1.0
Mozilla Thunderbird	Version 1.0.1
Mozilla Thunderbird	Version 1.0.2
Mozilla Thunderbird	Version 1.0.5
Mozilla Thunderbird	Version 1.0.6
Mozilla Thunderbird	Version 1.0.7
Mozilla Thunderbird	Version 1.0.8
Mozilla Thunderbird	Version 1.0
Mozilla Thunderbird	Version 1.5.0.1
Mozilla Thunderbird	Version 1.5.0.2
Mozilla Thunderbird	Version 1.5.0.4
Mozilla Thunderbird	Version 1.5.0.7
Mozilla Thunderbird	Version 1.5
Mozilla Thunderbird	Version 1.5 beta2

References (96)

ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P (unsafe URL)

Source: secalert@redhat.com

Patch

http://rhn.redhat.com/errata/RHSA-2006-0733.html

Source: secalert@redhat.com

PatchVendor Advisory

http://rhn.redhat.com/errata/RHSA-2006-0734.html

Source: secalert@redhat.com

PatchVendor Advisory

http://rhn.redhat.com/errata/RHSA-2006-0735.html

Source: secalert@redhat.com

PatchVendor Advisory

http://secunia.com/advisories/22066

Source: secalert@redhat.com

http://secunia.com/advisories/22722

Source: secalert@redhat.com

PatchVendor Advisory

http://secunia.com/advisories/22727

Source: secalert@redhat.com

PatchVendor Advisory

http://secunia.com/advisories/22737

Source: secalert@redhat.com

PatchVendor Advisory

http://secunia.com/advisories/22763

Source: secalert@redhat.com

PatchVendor Advisory

http://secunia.com/advisories/22770

Source: secalert@redhat.com

PatchVendor Advisory

http://secunia.com/advisories/22774

Source: secalert@redhat.com

PatchVendor Advisory

http://secunia.com/advisories/22815

Source: secalert@redhat.com

http://secunia.com/advisories/22817

Source: secalert@redhat.com

PatchVendor Advisory

http://secunia.com/advisories/22929

Source: secalert@redhat.com

PatchVendor Advisory

http://secunia.com/advisories/22965

Source: secalert@redhat.com

PatchVendor Advisory

http://secunia.com/advisories/22980

Source: secalert@redhat.com

PatchVendor Advisory

http://secunia.com/advisories/23009

Source: secalert@redhat.com

PatchVendor Advisory

http://secunia.com/advisories/23013

Source: secalert@redhat.com

PatchVendor Advisory

http://secunia.com/advisories/23263

Source: secalert@redhat.com

PatchVendor Advisory

http://secunia.com/advisories/23287

Source: secalert@redhat.com

PatchVendor Advisory

http://secunia.com/advisories/23297

Source: secalert@redhat.com

PatchVendor Advisory

http://secunia.com/advisories/24711

Source: secalert@redhat.com

http://security.gentoo.org/glsa/glsa-200612-06.xml

Source: secalert@redhat.com

PatchVendor Advisory

http://security.gentoo.org/glsa/glsa-200612-07.xml

Source: secalert@redhat.com

PatchVendor Advisory

http://security.gentoo.org/glsa/glsa-200612-08.xml

Source: secalert@redhat.com

PatchVendor Advisory

http://securitytracker.com/id?1017177

Source: secalert@redhat.com

Patch

http://securitytracker.com/id?1017178

Source: secalert@redhat.com

Patch

http://securitytracker.com/id?1017179

Source: secalert@redhat.com

Patch

http://support.avaya.com/elmodocs2/security/ASA-2006-246.htm

Source: secalert@redhat.com

PatchVendor Advisory

http://www.kb.cert.org/vuls/id/815432

Source: secalert@redhat.com

PatchUS Government Resource

http://www.mandriva.com/security/advisories?name=MDKSA-2006:205

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDKSA-2006:206

Source: secalert@redhat.com

http://www.mozilla.org/security/announce/2006/mfsa2006-65.html

Source: secalert@redhat.com

Vendor Advisory

http://www.novell.com/linux/security/advisories/2006_68_mozilla.html

Source: secalert@redhat.com

PatchVendor Advisory

http://www.securityfocus.com/archive/1/451099/100/0/threaded

Source: secalert@redhat.com

http://www.securityfocus.com/bid/20957

Source: secalert@redhat.com

http://www.ubuntu.com/usn/usn-381-1

Source: secalert@redhat.com

PatchVendor Advisory

http://www.ubuntu.com/usn/usn-382-1

Source: secalert@redhat.com

PatchVendor Advisory

http://www.us-cert.gov/cas/techalerts/TA06-312A.html

Source: secalert@redhat.com

PatchUS Government Resource

http://www.vupen.com/english/advisories/2006/3748

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2006/4387

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2007/1198

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2008/0083

Source: secalert@redhat.com

http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742

Source: secalert@redhat.com

https://bugzilla.mozilla.org/show_bug.cgi?id=355569

Source: secalert@redhat.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/30093

Source: secalert@redhat.com

https://issues.rpath.com/browse/RPL-765

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11496

Source: secalert@redhat.com

ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P (unsafe URL)