Red Hat Customer Portal

Skip to main content

CVE-2006-1733

Impact:
Critical
Public Date:
2006-04-14

The MITRE CVE dictionary describes this issue as:

Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute arbitrary code via the (1) valueOf.call or (2) valueOf.apply methods of an XBL binding, or (3) "by inserting an XBL method into the DOM's document.body prototype chain."

Find out more about CVE-2006-1733 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 (mozilla) RHSA-2006:0329 2006-04-18
Red Hat Enterprise Linux 3 (mozilla) RHSA-2006:0329 2006-04-18
Red Hat Enterprise Linux 2.1 (mozilla) RHSA-2006:0329 2006-04-18
Red Hat Enterprise Linux 4 (thunderbird) RHSA-2006:0330 2006-04-21
Red Hat Enterprise Linux 4 (firefox) RHSA-2006:0328 2006-04-14

Affected Packages State

Platform Package State
Red Hat Enterprise Linux version 4 devhelp 0.9.2-2.4.8 Fixed
Red Hat Enterprise Linux version 4 mozilla 1.7.13-1.4.1 Fixed

Last Modified