Bug 200455 (CVE-2006-3812)

Summary: Seamonkey multiple vulnerabilities: CVE-2006-{3113,3677,3801-3812}
Product: [Other] Security Response Reporter: Ville Skyttä <scop>
Component: vulnerabilityAssignee: Kai Engert (:kaie) (inactive account) <kengert>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: extras-qa, fedora-security-list
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: 1.0.4 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-08-07 19:21:16 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ville Skyttä 2006-07-27 19:49:47 UTC 
Arbitrary code execution:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3677
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3806
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3807

Denial of service:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3804

All these are reported against seamonkey < 1.0.3.  FE[45] and devel affected.
Comment 1 Ville Skyttä 2006-07-28 15:35:41 UTC 
There's more: CVE-2006-3113, CVE-2006-3801, CVE-2006-3802, CVE-2006-3805,
CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811
Comment 2 Ville Skyttä 2006-07-29 09:23:42 UTC 
...and CVE-2006-3812
Comment 3 Matthew Miller 2006-07-29 10:43:39 UTC 
See also related Firefox bug #200357
Comment 4 Ville Skyttä 2006-08-07 19:21:16 UTC 
Fixed in 1.0.3+ according to upstream.