Vulnerability Name:

CVE-2006-2775 (CCN-26846)

Assigned:2006-06-01
Published:2006-06-01
Updated:2018-10-18
Summary:Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attributes with the wrong URL under certain unspecified circumstances, which might allow remote attackers to bypass restrictions by causing a persisted string to be associated with the wrong URL.
Mozilla, Thunderbird versions are only vulnerable if you turn on JavaScript in mail.
This vulnerability is addressed in the following product release:
Mozilla, Firefox, 1.5.0.4
Mozilla, Thunderbird, 1.5.0.4
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-264
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2006-2775

Source: CCN
Type: SA20376
Firefox Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
20376

Source: CCN
Type: SA20382
Thunderbird Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
20382

Source: SECUNIA
Type: Vendor Advisory
20561

Source: SECUNIA
Type: Vendor Advisory
20709

Source: SECUNIA
Type: Vendor Advisory
21176

Source: SECUNIA
Type: Vendor Advisory
21178

Source: SECUNIA
Type: Vendor Advisory
21183

Source: SECUNIA
Type: Vendor Advisory
21188

Source: SECUNIA
Type: Vendor Advisory
21210

Source: SECUNIA
Type: Vendor Advisory
21324

Source: SECUNIA
Type: Vendor Advisory
21532

Source: SECUNIA
Type: Vendor Advisory
21607

Source: SECUNIA
Type: Vendor Advisory
22065

Source: SECUNIA
Type: Vendor Advisory
22066

Source: CCN
Type: SECTRACK ID: 1016202
Mozilla Firefox Bugs Permit Arbitrary Code Execution, Cross-Site Scripting, and HTTP Response Smuggling

Source: SECTRACK
Type: UNKNOWN
1016202

Source: CCN
Type: SECTRACK ID: 1016214
Mozilla Thunderbird Bugs Permit Arbitrary Code Execution, Cross-Site Scripting, and HTTP Response Smuggling

Source: SECTRACK
Type: UNKNOWN
1016214

Source: CCN
Type: ASA-2006-259
HP-UX Firefox Vulnerabilities

Source: CCN
Type: ASA-2007-097
HP-UX Running Firefox Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS) (HPSBUX02153)

Source: CCN
Type: ASA-2007-135
HP-UX Running Thunderbird Remote Unauthorized Access or Elevation of Privileges or Denial of Service (HPSBUX02156)

Source: DEBIAN
Type: UNKNOWN
DSA-1118

Source: DEBIAN
Type: UNKNOWN
DSA-1120

Source: DEBIAN
Type: UNKNOWN
DSA-1134

Source: DEBIAN
Type: DSA-1118
mozilla -- several vulnerabilities

Source: DEBIAN
Type: DSA-1120
mozilla-firefox -- several vulnerabilities

Source: DEBIAN
Type: DSA-1134
mozilla-thunderbird -- several vulnerabilities

Source: CCN
Type: GLSA-200606-12
Mozilla Firefox: Multiple vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200606-12

Source: CCN
Type: GLSA-200606-21
Mozilla Thunderbird: Multiple vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200606-21

Source: CCN
Type: GLSA-200703-05
Mozilla Suite: Multiple vulnerabilities

Source: CCN
Type: US-CERT VU#243153
Mozilla may associate persisted XUL attributes with an incorrect URL

Source: CERT-VN
Type: Patch, US Government Resource
VU#243153

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:143

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:145

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:146

Source: CCN
Type: MFSA 2006-35
Privilege escalation through XUL persist.

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.mozilla.org/security/announce/2006/mfsa2006-35.html

Source: SUSE
Type: UNKNOWN
SUSE-SA:2006:035

Source: CCN
Type: OSVDB ID: 26298
Mozilla Multiple Products Persistent XUL Attribute Privilege Escalation

Source: BUGTRAQ
Type: UNKNOWN
20060602 rPSA-2006-0091-1 firefox thunderbird

Source: HP
Type: UNKNOWN
SSRT061236

Source: HP
Type: UNKNOWN
SSRT061181

Source: BID
Type: UNKNOWN
18228

Source: CCN
Type: BID-18228
Mozilla Firefox, SeaMonkey, Camino, and Thunderbird Multiple Remote Vulnerabilities

Source: CCN
Type: USN-296-1
Firefox vulnerabilities

Source: CCN
Type: USN-296-2
Firefox vulnerabilities

Source: CCN
Type: USN-297-1
Thunderbird vulnerabilities

Source: CCN
Type: USN-297-2
Thunderbird extensions update for recent security update

Source: CCN
Type: USN-297-3
Thunderbird vulnerabilities

Source: CCN
Type: USN-323-1
Mozilla vulnerabilities

Source: CERT
Type: Patch, US Government Resource
TA06-153A

Source: VUPEN
Type: Vendor Advisory
ADV-2006-2106

Source: VUPEN
Type: Vendor Advisory
ADV-2006-3748

Source: VUPEN
Type: Vendor Advisory
ADV-2006-3749

Source: VUPEN
Type: Vendor Advisory
ADV-2008-0083

Source: XF
Type: UNKNOWN
mozilla-xul-code-execution(26846)

Source: XF
Type: UNKNOWN
mozilla-xul-code-execution(26846)

Source: UBUNTU
Type: UNKNOWN
USN-296-1

Source: UBUNTU
Type: UNKNOWN
USN-296-2

Source: UBUNTU
Type: UNKNOWN
USN-297-1

Source: UBUNTU
Type: UNKNOWN
USN-297-3

Source: UBUNTU
Type: UNKNOWN
USN-323-1

Source: SUSE
Type: SUSE-SA:2006:035
Mozilla browser security problems

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mozilla:firefox:0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.6:*:linux:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:*:*:*:*:*:*:*:* (Version <= 1.5.0.3)
  • OR cpe:/a:mozilla:thunderbird:0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.7:-:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0:-:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.5:-:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:*:*:*:*:*:*:*:* (Version <= 1.5.0.1)

  • Configuration CCN 1:
  • cpe:/a:mozilla:firefox:0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.5:-:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.5.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.7:-:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0:-:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:10.1::personal:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20062775
    V
    CVE-2006-2775
    2015-11-16
    oval:org.debian:def:1134
    V
    several vulnerabilities
    2006-08-02
    oval:org.debian:def:1120
    V
    several vulnerabilities
    2006-07-23
    oval:org.debian:def:1118
    V
    several vulnerabilities
    2006-07-22
    BACK
    mozilla firefox 0.8
    mozilla firefox 0.9
    mozilla firefox 0.9 rc
    mozilla firefox 0.9.1
    mozilla firefox 0.9.2
    mozilla firefox 0.9.3
    mozilla firefox 0.10
    mozilla firefox 0.10.1
    mozilla firefox 1.0
    mozilla firefox 1.0.1
    mozilla firefox 1.0.2
    mozilla firefox 1.0.3
    mozilla firefox 1.0.4
    mozilla firefox 1.0.5
    mozilla firefox 1.0.6
    mozilla firefox 1.0.6
    mozilla firefox 1.0.7
    mozilla firefox 1.5
    mozilla firefox 1.5 beta1
    mozilla firefox 1.5 beta2
    mozilla firefox 1.5.0.1
    mozilla firefox 1.5.0.2
    mozilla firefox *
    mozilla thunderbird 0.1
    mozilla thunderbird 0.2
    mozilla thunderbird 0.3
    mozilla thunderbird 0.4
    mozilla thunderbird 0.5
    mozilla thunderbird 0.6
    mozilla thunderbird 0.7
    mozilla thunderbird 0.7.1
    mozilla thunderbird 0.7.2
    mozilla thunderbird 0.7.3
    mozilla thunderbird 0.8
    mozilla thunderbird 0.9
    mozilla thunderbird 1.0
    mozilla thunderbird 1.0.1
    mozilla thunderbird 1.0.2
    mozilla thunderbird 1.0.3
    mozilla thunderbird 1.0.4
    mozilla thunderbird 1.0.5
    mozilla thunderbird 1.0.5 beta
    mozilla thunderbird 1.0.6
    mozilla thunderbird 1.0.7
    mozilla thunderbird 1.5
    mozilla thunderbird 1.5 beta2
    mozilla thunderbird *
    mozilla firefox 0.8
    mozilla firefox 0.9 rc
    mozilla firefox 0.9.2
    mozilla firefox 0.9.1
    mozilla firefox 0.9.3
    mozilla firefox 0.10.1
    mozilla thunderbird 0.8
    mozilla firefox 1.0
    mozilla thunderbird 1.0.1
    mozilla firefox 1.0.1
    mozilla firefox 1.0.2
    mozilla firefox 1.0.3
    mozilla firefox 1.0.4
    mozilla firefox 1.0.6
    mozilla firefox 1.5 beta1
    mozilla firefox 1.0.7
    mozilla thunderbird 1.0.2
    mozilla thunderbird 1.0.6
    mozilla thunderbird 1.0.7
    mozilla firefox 1.5
    mozilla thunderbird 1.5
    mozilla thunderbird 1.5 beta2
    mozilla firefox 1.5.0.2
    mozilla firefox 1.5.0.3
    mozilla thunderbird 1.5.0.1
    mozilla firefox 0.10
    mozilla firefox 0.9
    mozilla firefox 1.0.5
    mozilla firefox 1.5.0.1
    mozilla firefox 1.5 beta2
    mozilla thunderbird 0.1
    mozilla thunderbird 0.2
    mozilla thunderbird 0.3
    mozilla thunderbird 0.4
    mozilla thunderbird 0.5
    mozilla thunderbird 0.6
    mozilla thunderbird 0.7
    mozilla thunderbird 0.7.1
    mozilla thunderbird 0.7.2
    mozilla thunderbird 0.7.3
    mozilla thunderbird 0.9
    mozilla thunderbird 1.0
    mozilla thunderbird 1.0.3
    mozilla thunderbird 1.0.4
    mozilla thunderbird 1.0.5
    mozilla thunderbird 1.0.5 beta
    gentoo linux *
    mandrakesoft mandrake linux corporate server 3.0
    debian debian linux 3.1
    mandrakesoft mandrake linux 2006
    canonical ubuntu 6.06
    suse suse linux 10.1
    mandrakesoft mandrake linux 2006
    mandrakesoft mandrake linux corporate server 3.0