CVE-2006-3801

EPSS 27.8%

Published: 7/27/2006Modified: 4/28/2026

Description

Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 does not properly clear a JavaScript reference to a frame or window, which leaves a pointer to a deleted object that allows remote attackers to execute arbitrary native code.

Affected packages (1)

Debian/thunderbirdfrom 0, < 1.5.0.5-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-3801