Red Hat Customer Portal

Skip to main content

CVE-2006-2787

EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.

Details Source

Mitre

Public Date

2006-06-01 00:00:00

Impact

Moderate

CVSS Status

draft

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 RHSA-2006:0609 2006-08-02
Red Hat Enterprise Linux 2.1 RHSA-2006:0594 2006-08-28
Red Hat Enterprise Linux 4 (thunderbird) RHSA-2006:0611 2006-07-29
Red Hat Enterprise Linux 3 (seamonkey) RHSA-2006:0578 2006-07-20
Red Hat Enterprise Linux 4 (firefox) RHSA-2006:0610 2006-07-28

Affected Packages State

Platform Package State
Red Hat Enterprise Linux version 4 seamonkey 1.0.3-0.el4.1 Fixed
Red Hat Enterprise Linux version 4 devhelp 0.10-0.2.el4 Fixed