CVE-2006-2776
EPSS 31.2%
Description
Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined setters on an object prototype, which allows remote attackers to execute code at a higher privilege than intended.
How to fix CVE-2006-2776
To remediate CVE-2006-2776, upgrade the affected package to a fixed version below.
- Debian/thunderbird—upgrade to 1.5.0.4-1 or later
Is CVE-2006-2776 being exploited?
Moderate — EPSS is 31.2%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 1.5.0.4-1