GCVE - cpe:2.3:a:mozilla:seamonkey:*:beta:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:mozilla:seamonkey:*:beta:*:*:*:*:*:*

part: a version: * update: beta

Vendor	Mozilla (`be1b0d4e-21a7-5a25-9982-bbda6ef43ec1`)
Product	Seamonkey (`9b67c4f8-e83e-55c8-8c3d-4a52e7d74102`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2006-2777`	vulnerable	2026-06-03 14:27:33.178356	Details available Unspecified vulnerability in Mozilla Firefox before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to execute arbitrary code by using the nsISelectionPrivate interface of the Selection object to add a SelectionListener and create notifications that are executed in a privileged context. Published: 2006-06-02T18:00:00.000Z Updated: 2024-08-07T17:58:51.909Z Open on db.gcve.eu Reference links http://secunia.com/advisories/21176 http://www.mandriva.com/security/advisories?name=MDKSA-2006:145 http://www.vupen.com/english/advisories/2006/3748 https://usn.ubuntu.com/296-1/ https://usn.ubuntu.com/323-1/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1742`	vulnerable	2026-06-03 14:27:25.105201	Details available The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption. Published: 2006-04-14T10:00:00.000Z Updated: 2024-08-07T17:19:49.433Z Open on db.gcve.eu Reference links https://usn.ubuntu.com/275-1/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11808 http://www.redhat.com/support/errata/RHSA-2006-0330.html http://secunia.com/advisories/19902 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1087	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1740`	vulnerable	2026-06-03 14:27:25.102970	Details available Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site. Published: 2006-04-14T10:00:00.000Z Updated: 2024-08-07T17:19:49.575Z Open on db.gcve.eu Reference links https://usn.ubuntu.com/275-1/ http://secunia.com/advisories/19902 ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc http://www.securityfocus.com/archive/1/438730/100/0/threaded http://secunia.com/advisories/19941	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1736`	vulnerable	2026-06-03 14:27:25.097641	Details available Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to trick users into downloading and saving an executable file via an image that is overlaid by a transparent image link that points to the executable, which causes the executable to be saved when the user clicks the "Save image as..." option. NOTE: this attack is made easier due to a GUI truncation issue that prevents the user from seeing the malicious extension when there is extra whitespace in the filename. Published: 2006-04-14T10:00:00.000Z Updated: 2024-08-07T17:19:49.590Z Open on db.gcve.eu Reference links https://usn.ubuntu.com/275-1/ http://secunia.com/advisories/19902 https://exchange.xforce.ibmcloud.com/vulnerabilities/25814 http://www.securityfocus.com/archive/1/438730/100/0/threaded http://secunia.com/advisories/19941	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1735`	vulnerable	2026-06-03 14:27:25.096422	Details available Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges. Published: 2006-04-14T10:00:00.000Z Updated: 2024-08-07T17:19:49.663Z Open on db.gcve.eu Reference links https://usn.ubuntu.com/275-1/ http://www.redhat.com/support/errata/RHSA-2006-0330.html http://www.securityfocus.com/archive/1/434524/100/0/threaded http://secunia.com/advisories/19902 ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1734`	vulnerable	2026-06-03 14:27:25.095059	Details available Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using the Object.watch method to access the "clone parent" internal function. Published: 2006-04-14T10:00:00.000Z Updated: 2024-08-07T17:19:49.492Z Open on db.gcve.eu Reference links https://usn.ubuntu.com/275-1/ http://www.redhat.com/support/errata/RHSA-2006-0330.html http://www.securityfocus.com/archive/1/434524/100/0/threaded http://secunia.com/advisories/19902 ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1733`	vulnerable	2026-06-03 14:27:25.093383	Details available Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute arbitrary code via the (1) valueOf.call or (2) valueOf.apply methods of an XBL binding, or (3) "by inserting an XBL method into the DOM's document.body prototype chain." Published: 2006-04-14T10:00:00.000Z Updated: 2024-08-07T17:19:49.542Z Open on db.gcve.eu Reference links https://usn.ubuntu.com/275-1/ http://www.redhat.com/support/errata/RHSA-2006-0330.html http://www.securityfocus.com/archive/1/434524/100/0/threaded http://secunia.com/advisories/19902 ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1731`	vulnerable	2026-06-03 14:27:25.090693	Details available Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 returns the Object class prototype instead of the global window object when (1) .valueOf.call or (2) .valueOf.apply are called without any arguments, which allows remote attackers to conduct cross-site scripting (XSS) attacks. Published: 2006-04-14T10:00:00.000Z Updated: 2024-08-07T17:19:49.474Z Open on db.gcve.eu Reference links https://usn.ubuntu.com/275-1/ http://www.redhat.com/support/errata/RHSA-2006-0330.html http://secunia.com/advisories/19902 ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc https://usn.ubuntu.com/276-1/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.