HackTesting

CVE-2006-3677

Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution.

References

http://www.securityfocus.com/archive/1/441332/100/0/threaded
http://secunia.com/advisories/21243
http://www.redhat.com/support/errata/RHSA-2006-0608.html
http://security.gentoo.org/glsa/glsa-200608-02.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:145
http://www.vupen.com/english/advisories/2006/3748
https://exchange.xforce.ibmcloud.com/vulnerabilities/39998
http://www.securityfocus.com/bid/19181
https://exchange.xforce.ibmcloud.com/vulnerabilities/27981
http://www.us-cert.gov/cas/techalerts/TA06-208A.html
http://www.vupen.com/english/advisories/2006/2998
http://www.securityfocus.com/archive/1/441333/100/0/threaded
http://secunia.com/advisories/21529
http://www.zerodayinitiative.com/advisories/ZDI-06-025.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10745
http://secunia.com/advisories/21216
http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml
http://www.redhat.com/support/errata/RHSA-2006-0594.html
http://secunia.com/advisories/21336
http://www.redhat.com/support/errata/RHSA-2006-0610.html
http://www.kb.cert.org/vuls/id/670060
http://rhn.redhat.com/errata/RHSA-2006-0609.html
http://secunia.com/advisories/22210
http://securitytracker.com/id?1016586
http://secunia.com/advisories/19873
http://secunia.com/advisories/21262
http://www.mozilla.org/security/announce/2006/mfsa2006-45.html
http://secunia.com/advisories/21532
http://secunia.com/advisories/21270
http://www.vupen.com/english/advisories/2008/0083
https://usn.ubuntu.com/327-1/
http://secunia.com/advisories/21361
http://secunia.com/advisories/21631
http://www.securityfocus.com/archive/1/446658/100/200/threaded
http://secunia.com/advisories/21246
http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html
http://secunia.com/advisories/21229
http://securitytracker.com/id?1016587
http://www.securityfocus.com/archive/1/446658/100/200/threaded
http://www.redhat.com/support/errata/RHSA-2006-0611.html
https://issues.rpath.com/browse/RPL-536
http://secunia.com/advisories/22066
http://secunia.com/advisories/21269
http://secunia.com/advisories/21343
http://www.mandriva.com/security/advisories?name=MDKSA-2006:143
http://www.securityfocus.com/bid/19192
http://www.ubuntu.com/usn/usn-354-1
ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc