漏洞信息(CVE-2006-5747)

一、漏洞 CVE-2006-5747 基础信息

漏洞标题

N/A

来源：AIGC 神龙大模型

漏洞描述信息

在Mozilla Firefox 1.5.0.8之前、 thunderbird 1.5.0.8之前和SeaMonkey 1.0.6之前版本的Mozilla Firefox、 thunderbird和SeaMonkey 都发现了一个未指定漏洞，该漏洞允许远程攻击者通过XML.prototype.hasOwnProperty JavaScript函数执行任意代码。

来源：AIGC 神龙大模型

CVSS信息

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

来源：AIGC 神龙大模型

漏洞类别

N/A

来源：AIGC 神龙大模型

漏洞标题

N/A

来源：美国国家漏洞数据库 NVD

漏洞描述信息

Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary code via the XML.prototype.hasOwnProperty JavaScript function.

来源：美国国家漏洞数据库 NVD

CVSS信息

N/A

来源：美国国家漏洞数据库 NVD

漏洞类别

N/A

来源：美国国家漏洞数据库 NVD

漏洞标题

Mozilla Firefox/SeaMonkey/Thunderbird多个远程安全漏洞

来源：中国国家信息安全漏洞库 CNNVD

漏洞描述信息

Mozilla Firefox/SeaMonkey/Thunderbird都是Mozilla发布的WEB浏览器和邮件新闻组客户端产品。上述产品中存在多个安全漏洞，具体如下： 1) Mozilla产品中所捆绑的网络安全服务(NSS)库如果以指数3使用RSA密钥的话，就无法正确的处理签名中的额外数据，允许攻击者伪造SSL/TLS和邮件证书。这个漏洞是MFSA 2006-60中所报告RSA签名漏洞的变种。 2) 攻击者可以在执行期间修改Script对象，导致执行任意JavaScript bytecode。 3

来源：中国国家信息安全漏洞库 CNNVD

CVSS信息

N/A

来源：中国国家信息安全漏洞库 CNNVD

漏洞类别

授权问题

来源：中国国家信息安全漏洞库 CNNVD

二、漏洞 CVE-2006-5747 的公开POC

#	POC 描述	源链接	神龙链接

三、漏洞 CVE-2006-5747 的情报信息

https://bugzilla.mozilla.org/show_bug.cgi?id=355569 x_refsource_MISC
http://support.avaya.com/elmodocs2/security/ASA-2006-246.htm x_refsource_CONFIRM
http://www.mozilla.org/security/announce/2006/mfsa2006-65.html x_refsource_CONFIRM
https://issues.rpath.com/browse/RPL-765 x_refsource_CONFIRM
http://secunia.com/advisories/22727 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/23297 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/22815 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/22737 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/22929 third-party-advisory x_refsource_SECUNIA
http://www.securityfocus.com/bid/20957 vdb-entry x_refsource_BID
http://secunia.com/advisories/22066 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/22965 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/22763 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/23263 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/24711 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/22774 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/22980 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/23009 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/22817 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/22722 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/22770 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/23287 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/23013 third-party-advisory x_refsource_SECUNIA
http://securitytracker.com/id?1017177 vdb-entry x_refsource_SECTRACK
http://securitytracker.com/id?1017179 vdb-entry x_refsource_SECTRACK
http://securitytracker.com/id?1017178 vdb-entry x_refsource_SECTRACK
http://www.us-cert.gov/cas/techalerts/TA06-312A.html third-party-advisory x_refsource_CERT
http://www.ubuntu.com/usn/usn-382-1 vendor-advisory x_refsource_UBUNTU
http://www.ubuntu.com/usn/usn-381-1 vendor-advisory x_refsource_UBUNTU
http://www.kb.cert.org/vuls/id/815432 third-party-advisory x_refsource_CERT-VN
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742 vendor-advisory x_refsource_HP
http://www.vupen.com/english/advisories/2006/3748 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2007/1198 vdb-entry x_refsource_VUPEN
ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P vendor-advisory x_refsource_SGI
http://www.vupen.com/english/advisories/2008/0083 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/4387 vdb-entry x_refsource_VUPEN
http://rhn.redhat.com/errata/RHSA-2006-0734.html vendor-advisory x_refsource_REDHAT
http://security.gentoo.org/glsa/glsa-200612-07.xml vendor-advisory x_refsource_GENTOO
http://security.gentoo.org/glsa/glsa-200612-06.xml vendor-advisory x_refsource_GENTOO
http://www.mandriva.com/security/advisories?name=MDKSA-2006:206 vendor-advisory x_refsource_MANDRIVA
http://rhn.redhat.com/errata/RHSA-2006-0735.html vendor-advisory x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2006-0733.html vendor-advisory x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:205 vendor-advisory x_refsource_MANDRIVA
http://security.gentoo.org/glsa/glsa-200612-08.xml vendor-advisory x_refsource_GENTOO
http://www.novell.com/linux/security/advisories/2006_68_mozilla.html vendor-advisory x_refsource_SUSE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11496 vdb-entry signature x_refsource_OVAL
https://exchange.xforce.ibmcloud.com/vulnerabilities/30093 vdb-entry x_refsource_XF
http://www.securityfocus.com/archive/1/451099/100/0/threaded mailing-list x_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2006-5747

一、 漏洞 CVE-2006-5747 基础信息

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

二、漏洞 CVE-2006-5747 的公开POC

三、漏洞 CVE-2006-5747 的情报信息

一、漏洞 CVE-2006-5747 基础信息