What is CVE-2006-3677?

CVE-2006-3677 is a vulnerability in N/a. Published 2006-07-27.

Is CVE-2006-3677 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2006-3677

Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which c…

EPSS: 0.673 (98.6th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

20060726 ZDI-06-025: Mozilla Firefox Javascript navigator Object Vulnerability (mailing-list, x_refsource_BUGTRAQ)
21243 (x_refsource_SECUNIA, third-party-advisory)
RHSA-2006:0608 (x_refsource_REDHAT, vendor-advisory)
GLSA-200608-02 (vendor-advisory, x_refsource_GENTOO)
MDKSA-2006:145 (vendor-advisory, x_refsource_MANDRIVA)
ADV-2006-3748 (vdb-entry, x_refsource_VUPEN)
iphone-mobilesafari-dos(39998) (vdb-entry, x_refsource_XF)
19181 (vdb-entry, x_refsource_BID)
mozilla-javascript-navigator-code-excecution(27981) (vdb-entry, x_refsource_XF)
TA06-208A (x_refsource_CERT, third-party-advisory)

Frequently asked questions

What is CVE-2006-3677?: CVE-2006-3677 is a vulnerability in N/a. Published 2006-07-27.
Is CVE-2006-3677 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.