Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-g3d9-vf5u-dqbk
Summary
Using the eval associated with methods of an XBL binding it was possible
to create JavaScript functions that would get compiled with the wrong
privileges, allowing the attacker to run code of their choice with the
full permission of the user running the browser. This
could be used to install spyware or viruses.Thunderbird shares the JavaScript engine with Firefox
and could be vulnerable if JavaScript were to be enabled in mail. This is not
the default setting and we strongly discourage users from running
JavaScript in mail.
Aliases
0
alias CVE-2006-1735
Fixed_packages
0
url pkg:mozilla/Firefox@1.0.8
purl pkg:mozilla/Firefox@1.0.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@1.0.8
1
url pkg:mozilla/Firefox@1.5.0
purl pkg:mozilla/Firefox@1.5.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@1.5.0
2
url pkg:mozilla/Mozilla%20Suite@1.7.13
purl pkg:mozilla/Mozilla%20Suite@1.7.13
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Mozilla%2520Suite@1.7.13
3
url pkg:mozilla/SeaMonkey@1.0.0
purl pkg:mozilla/SeaMonkey@1.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.0.0
4
url pkg:mozilla/Thunderbird@1.0.8
purl pkg:mozilla/Thunderbird@1.0.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@1.0.8
5
url pkg:mozilla/Thunderbird@1.5.0
purl pkg:mozilla/Thunderbird@1.5.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@1.5.0
Affected_packages
References
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1735
reference_id CVE-2006-1735
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1735
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2006-14
reference_id mfsa2006-14
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2006-14
Weaknesses
Exploits
Severity_range_score9.0 - 10.0
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-g3d9-vf5u-dqbk