N/A Publié le 2006-04-14

CVE-2006-1735

EN Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.

EPSS 39.0% percentile 97.3%

Apps suivies affectées

Thunderbird

winget:Mozilla.Thunderbird

1 ouverte

Configurations CPE vulnérables

Vendor	Produit	Plateforme	Versions	CPE 2.3 URI
mozilla	thunderbird	Windows	≤1.0.7	cpe:2.3:a:mozilla:thunderbird::::::::
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.0:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.0.1:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.0.2:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.0.3:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.0.4:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.0.5:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.0.5:beta::::::
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.0.6:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.5:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:1.5:beta2::::::

Voir sur NVD ↗