Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object.
References
Link Providers
ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2006-0609.html cve-icon cve-icon
http://secunia.com/advisories/19873 cve-icon cve-icon
http://secunia.com/advisories/21216 cve-icon cve-icon
http://secunia.com/advisories/21228 cve-icon cve-icon
http://secunia.com/advisories/21229 cve-icon cve-icon
http://secunia.com/advisories/21243 cve-icon cve-icon
http://secunia.com/advisories/21246 cve-icon cve-icon
http://secunia.com/advisories/21250 cve-icon cve-icon
http://secunia.com/advisories/21262 cve-icon cve-icon
http://secunia.com/advisories/21269 cve-icon cve-icon
http://secunia.com/advisories/21270 cve-icon cve-icon
http://secunia.com/advisories/21275 cve-icon cve-icon
http://secunia.com/advisories/21336 cve-icon cve-icon
http://secunia.com/advisories/21343 cve-icon cve-icon
http://secunia.com/advisories/21358 cve-icon cve-icon
http://secunia.com/advisories/21361 cve-icon cve-icon
http://secunia.com/advisories/21529 cve-icon cve-icon
http://secunia.com/advisories/21532 cve-icon cve-icon
http://secunia.com/advisories/21607 cve-icon cve-icon
http://secunia.com/advisories/21631 cve-icon cve-icon
http://secunia.com/advisories/22055 cve-icon cve-icon
http://secunia.com/advisories/22065 cve-icon cve-icon
http://secunia.com/advisories/22066 cve-icon cve-icon
http://secunia.com/advisories/22210 cve-icon cve-icon
http://security.gentoo.org/glsa/glsa-200608-02.xml cve-icon cve-icon
http://security.gentoo.org/glsa/glsa-200608-04.xml cve-icon cve-icon
http://securitytracker.com/id?1016586 cve-icon cve-icon
http://securitytracker.com/id?1016587 cve-icon cve-icon
http://securitytracker.com/id?1016588 cve-icon cve-icon
http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml cve-icon cve-icon
http://www.kb.cert.org/vuls/id/265964 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDKSA-2006:143 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDKSA-2006:145 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDKSA-2006:146 cve-icon cve-icon
http://www.mozilla.org/security/announce/2006/mfsa2006-48.html cve-icon cve-icon
http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2006-0594.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2006-0608.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2006-0610.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2006-0611.html cve-icon cve-icon
http://www.securityfocus.com/archive/1/441333/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/446657/100/200/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/446658/100/200/threaded cve-icon cve-icon
http://www.securityfocus.com/bid/19181 cve-icon cve-icon
http://www.ubuntu.com/usn/usn-350-1 cve-icon cve-icon
http://www.ubuntu.com/usn/usn-354-1 cve-icon cve-icon
http://www.us-cert.gov/cas/techalerts/TA06-208A.html cve-icon cve-icon
http://www.vupen.com/english/advisories/2006/2998 cve-icon cve-icon
http://www.vupen.com/english/advisories/2006/3748 cve-icon cve-icon
http://www.vupen.com/english/advisories/2006/3749 cve-icon cve-icon
http://www.vupen.com/english/advisories/2008/0083 cve-icon cve-icon
https://exchange.xforce.ibmcloud.com/vulnerabilities/27984 cve-icon cve-icon
https://issues.rpath.com/browse/RPL-536 cve-icon cve-icon
https://issues.rpath.com/browse/RPL-537 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2006-3803 cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10635 cve-icon cve-icon
https://usn.ubuntu.com/327-1/ cve-icon cve-icon
https://usn.ubuntu.com/329-1/ cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2006-3803 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2006-07-27T19:00:00

Updated: 2024-08-07T18:48:37.876Z

Reserved: 2006-07-24T00:00:00

Link: CVE-2006-3803

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2006-07-27T19:04:00.000

Modified: 2024-11-21T00:14:27.737

Link: CVE-2006-3803

cve-icon Redhat

Severity : Critical

Publid Date: 2006-07-26T00:00:00Z

Links: CVE-2006-3803 - Bugzilla