EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.Referenceshttp://secunia.com/advisories/20709http://secunia.com/advisories/21176http://www.mandriva.com/security/advisories?name=MDKSA-2006:145http://www.mozilla.org/security/announce/2006/mfsa2006-31.htmlhttp://www.vupen.com/english/advisories/2006/3748https://usn.ubuntu.com/297-3/https://usn.ubuntu.com/296-1/https://usn.ubuntu.com/323-1/http://secunia.com/advisories/20561http://secunia.com/advisories/21210http://www.redhat.com/support/errata/RHSA-2006-0594.htmlhttp://secunia.com/advisories/21336http://secunia.com/advisories/20382https://exchange.xforce.ibmcloud.com/vulnerabilities/26842http://securitytracker.com/id?1016214http://www.securityfocus.com/archive/1/435795/100/0/threadedhttp://www.vupen.com/english/advisories/2006/3749http://www.redhat.com/support/errata/RHSA-2006-0610.htmlhttp://secunia.com/advisories/20376http://www.mandriva.com/security/advisories?name=MDKSA-2006:146http://rhn.redhat.com/errata/RHSA-2006-0609.htmlhttp://secunia.com/advisories/21178http://securitytracker.com/id?1016202http://secunia.com/advisories/21607http://www.securityfocus.com/bid/18228http://secunia.com/advisories/21532http://secunia.com/advisories/21270http://www.vupen.com/english/advisories/2008/0083http://secunia.com/advisories/21188http://secunia.com/advisories/21134http://secunia.com/advisories/21631http://www.securityfocus.com/archive/1/446658/100/200/threadedhttp://www.securityfocus.com/archive/1/446657/100/200/threadedhttps://usn.ubuntu.com/296-2/http://www.gentoo.org/security/en/glsa/glsa-200606-21.xmlhttp://www.debian.org/security/2006/dsa-1118http://www.securityfocus.com/archive/1/446658/100/200/threadedhttp://www.debian.org/security/2006/dsa-1120http://www.redhat.com/support/errata/RHSA-2006-0611.htmlhttp://www.securityfocus.com/archive/1/446657/100/200/threadedhttp://www.debian.org/security/2006/dsa-1134http://www.gentoo.org/security/en/glsa/glsa-200606-12.xmlhttp://secunia.com/advisories/21324http://secunia.com/advisories/21183https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9491http://secunia.com/advisories/22066http://secunia.com/advisories/21269http://www.novell.com/linux/security/advisories/2006_35_mozilla.htmlhttps://usn.ubuntu.com/297-1/http://www.redhat.com/support/errata/RHSA-2006-0578.htmlhttp://www.vupen.com/english/advisories/2006/2106http://www.mandriva.com/security/advisories?name=MDKSA-2006:143http://secunia.com/advisories/22065
