mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
901 B
901 B
CVE-2006-3807
Description
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor.
POC
Reference
- http://www.redhat.com/support/errata/RHSA-2006-0608.html
- http://www.securityfocus.com/archive/1/446658/100/200/threaded
- http://www.ubuntu.com/usn/usn-361-1
Github
No PoCs found on GitHub currently.