CVE-2006-1735
EPSS 39.0%
Description
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.
How to fix CVE-2006-1735
To remediate CVE-2006-1735, upgrade the affected package to a fixed version below.
- Debian/thunderbird—upgrade to 1.5.0.2-1 or later
Is CVE-2006-1735 being exploited?
Moderate — EPSS is 39.0%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 1.5.0.2-1