CVE-2006-1735

EPSS 39.0%

Published: 4/14/2006Modified: 4/28/2026

Description

Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.

Affected packages (1)

Debian/thunderbirdfrom 0, < 1.5.0.2-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-1735