Code Execution Flaw in Mozilla Firefox and Thunderbird Products
CVE-2006-1733

Currently unrated

Key Information:

Vendor

Mozilla
Status
Firefox
Mozilla Suite
Thunderbird
Seamonkey
Vendor
CVE Published:
14 April 2006

What is CVE-2006-1733?

A vulnerability exists in Mozilla Firefox, Thunderbird, Mozilla Suite, and SeaMonkey that fails to adequately safeguard the compilation scope of privileged built-in XBL bindings. This flaw allows attackers to execute arbitrary code by utilizing certain methods associated with XBL bindings. Specifically, the exploitation can occur through the 'valueOf.call' or 'valueOf.apply' methods, or by embedding an XBL method within the prototype chain of the DOM's document.body, leading to potential exploitation and unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://usn.ubuntu.com/275-1/
vendor-advisoryx_refsource_UBUNTU
http://www.redhat.com/support/errata/RHSA-2006-0330.html
vendor-advisoryx_refsource_REDHAT
http://www.securityfocus.com/archive/1/434524/100/0/threaded
vendor-advisoryx_refsource_HP

EPSS Score

24% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.