CVE-2006-1734

NameCVE-2006-1734
DescriptionMozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using the Object.watch method to access the "clone parent" internal function.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
ReferencesDSA-1044-1, DSA-1046-1, DSA-1051-1
NVD severitymedium (attack range: remote, user-initiated)
Debian/oldstablenot known to be vulnerable.
Debian/stablenot known to be vulnerable.
Debian/testingnot known to be vulnerable.
Debian/unstablenot known to be vulnerable.

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
firefoxsource(unstable)1.5.dfsg+1.5.0.2-2high
mozillasource(unstable)2:1.7.13-0.1high
mozillasourcesarge2:1.7.8-1sarge5mediumDSA-1046-1
mozilla-firefoxsource(unstable)1.5.dfsg+1.5.0.2-2high
mozilla-firefoxsourcesarge1.0.4-2sarge6mediumDSA-1044-1
mozilla-thunderbirdsourcesarge1.0.2-2.sarge1.0.8medium
thunderbirdsource(unstable)1.5.0.2-1medium

Search for package or bug name: Reporting problems