CVE-2006-0295
EPSS 83.4%
Description
Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the QueryInterface method of the built-in Location and Navigator objects, which leads to memory corruption.
How to fix CVE-2006-0295
To remediate CVE-2006-0295, upgrade the affected package to a fixed version below.
- Debian/thunderbird—upgrade to 1.5.0.2-1 or later
Is CVE-2006-0295 being exploited?
Likely — EPSS is 83.4%, placing CVE-2006-0295 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.
Affected packages (1)
- from 0, < 1.5.0.2-1