CVE-2006-3805
mozilla-firefox - several vulnerabilities
EPSS 23.0%
Description
The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used.
How to fix CVE-2006-3805
To remediate CVE-2006-3805, upgrade the affected package to a fixed version below.
- Debian/mozilla-firefox—upgrade to 1.0.4-2sarge11 or later
- Debian/thunderbird—upgrade to 1.5.0.5-1 or later
Is CVE-2006-3805 being exploited?
Moderate — EPSS is 23.0%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 1.0.4-2sarge11
- from 0, < 1.5.0.5-1