漏洞信息(CVE-2006-3803)

一、漏洞 CVE-2006-3803 基础信息

漏洞标题

N/A

来源：AIGC 神龙大模型

漏洞描述信息

在Mozilla Firefox 1.5之前版本1.5.0.5、Thunderbird之前版本1.5.0.5、以及SeaMonkey之前版本1.0.3之间的JavaScript垃圾收集中的竞态条件可能允许远程攻击者执行任意代码，因为在创建新的函数对象时，垃圾收集器仍在使用临时变量，而该变量在被使用时仍然被删除。

来源：AIGC 神龙大模型

CVSS信息

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

来源：AIGC 神龙大模型

漏洞类别

N/A

来源：AIGC 神龙大模型

漏洞标题

N/A

来源：美国国家漏洞数据库 NVD

漏洞描述信息

Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object.

来源：美国国家漏洞数据库 NVD

CVSS信息

N/A

来源：美国国家漏洞数据库 NVD

漏洞类别

N/A

来源：美国国家漏洞数据库 NVD

漏洞标题

Mozilla Firefox/SeaMonkey/Thunderbird JAVA脚本的碎片收集临时变量漏洞

来源：中国国家信息安全漏洞库 CNNVD

漏洞描述信息

Mozilla Firefox/SeaMonkey/Thunderbird都是Mozilla发布的WEB浏览器和邮件新闻组客户端产品。上述产品中存在多个安全漏洞，具体如下： JAVA脚本的竞争条件下的碎片收集,允许远程攻击者执行任意代码利用碎片收集恢复历史删除的临时变量,并继续使用当在一个新的功能对象建立之前.

来源：中国国家信息安全漏洞库 CNNVD

CVSS信息

N/A

来源：中国国家信息安全漏洞库 CNNVD

漏洞类别

授权问题

来源：中国国家信息安全漏洞库 CNNVD

二、漏洞 CVE-2006-3803 的公开POC

#	POC 描述	源链接	神龙链接

三、漏洞 CVE-2006-3803 的情报信息

https://issues.rpath.com/browse/RPL-536 x_refsource_CONFIRM
http://www.mozilla.org/security/announce/2006/mfsa2006-48.html x_refsource_CONFIRM
https://issues.rpath.com/browse/RPL-537 x_refsource_CONFIRM
http://secunia.com/advisories/21270 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/21358 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/22210 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/21607 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/19873 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/21262 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/21532 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/21243 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/21250 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/21361 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/21631 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/21275 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/21246 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/21228 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/21229 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/22065 third-party-advisory x_refsource_SECUNIA
http://www.securityfocus.com/bid/19181 vdb-entry x_refsource_BID
http://secunia.com/advisories/22055 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/21336 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/21343 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/22066 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/21216 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/21529 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/21269 third-party-advisory x_refsource_SECUNIA
http://securitytracker.com/id?1016587 vdb-entry x_refsource_SECTRACK
http://securitytracker.com/id?1016586 vdb-entry x_refsource_SECTRACK
http://securitytracker.com/id?1016588 vdb-entry x_refsource_SECTRACK
https://usn.ubuntu.com/327-1/ vendor-advisory x_refsource_UBUNTU
http://www.kb.cert.org/vuls/id/265964 third-party-advisory x_refsource_CERT-VN
http://www.us-cert.gov/cas/techalerts/TA06-208A.html third-party-advisory x_refsource_CERT
http://www.ubuntu.com/usn/usn-350-1 vendor-advisory x_refsource_UBUNTU
http://www.ubuntu.com/usn/usn-354-1 vendor-advisory x_refsource_UBUNTU
https://usn.ubuntu.com/329-1/ vendor-advisory x_refsource_UBUNTU
http://www.securityfocus.com/archive/1/446658/100/200/threaded vendor-advisory x_refsource_HP
http://www.securityfocus.com/archive/1/446657/100/200/threaded vendor-advisory x_refsource_HP
ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc vendor-advisory x_refsource_SGI
http://www.vupen.com/english/advisories/2008/0083 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/3748 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/3749 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/2998 vdb-entry x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml vendor-advisory x_refsource_GENTOO
http://www.redhat.com/support/errata/RHSA-2006-0608.html vendor-advisory x_refsource_REDHAT
http://security.gentoo.org/glsa/glsa-200608-02.xml vendor-advisory x_refsource_GENTOO
http://www.mandriva.com/security/advisories?name=MDKSA-2006:145 vendor-advisory x_refsource_MANDRIVA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:143 vendor-advisory x_refsource_MANDRIVA
http://security.gentoo.org/glsa/glsa-200608-04.xml vendor-advisory x_refsource_GENTOO
http://www.redhat.com/support/errata/RHSA-2006-0594.html vendor-advisory x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2006-0610.html vendor-advisory x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:146 vendor-advisory x_refsource_MANDRIVA
http://rhn.redhat.com/errata/RHSA-2006-0609.html vendor-advisory x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2006-0611.html vendor-advisory x_refsource_REDHAT
http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html vendor-advisory x_refsource_SUSE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10635 vdb-entry signature x_refsource_OVAL
http://www.securityfocus.com/archive/1/441333/100/0/threaded mailing-list x_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/27984 vdb-entry x_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2006-3803

一、 漏洞 CVE-2006-3803 基础信息

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

二、漏洞 CVE-2006-3803 的公开POC

三、漏洞 CVE-2006-3803 的情报信息

一、漏洞 CVE-2006-3803 基础信息