Red Hat Customer Portal

Skip to main content

CVE-2006-3806

Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."

Details Source

Mitre

Public Date

2006-07-26 00:00:00

Impact

Critical

CVSS Status

draft

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 RHSA-2006:0609 2006-08-02
Red Hat Enterprise Linux 2.1 RHSA-2006:0594 2006-08-28
Red Hat Enterprise Linux 4 (thunderbird) RHSA-2006:0611 2006-07-29
Red Hat Enterprise Linux 4 (firefox) RHSA-2006:0610 2006-07-28
Red Hat Enterprise Linux 3 (seamonkey) RHSA-2006:0608 2006-07-27

Affected Packages State

Platform Package State
Red Hat Enterprise Linux version 4 seamonkey 1.0.3-0.el4.1 Fixed
Red Hat Enterprise Linux version 4 devhelp 0.10-0.2.el4 Fixed