CVE-2006-3802

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to hijack native DOM methods from objects in another domain and conduct cross-site scripting (XSS) attacks using DOM methods of the top-level object.

Publication date: Fri, 28 Jul 2006 01:04:00 +0000

Cyber News related to CVE-2006-3802

CVE-2006-3802 - Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to hijack native DOM methods from objects in another domain and conduct cross-site scripting (XSS) attacks using DOM methods of the ...
6 years ago

CVE-2007-3802 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-0447. Reason: This candidate is a duplicate of CVE-2007-0447. Notes: All CVE users should reference CVE-2007-0447 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com

CVE-2008-3802 - Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka ...
2 years ago

CVE-2008-3801 - Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device ...
2 years ago

CVE-2008-3800 - Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device ...
2 years ago

CVE-2015-3802 - Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3805. ...
8 years ago

CVE-2015-3805 - Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802. ...
8 years ago

CVE-2008-1242 - The control panel on the Belkin F5D7230-4 router with firmware 9.01.10 maintains authentication state by IP address, which allows remote attackers to bypass authentication by establishing a session from a source IP address of a previously ...
6 years ago

CVE-2021-3802 - A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability. ...
1 year ago

CVE-2019-3802 - This affects Spring Data JPA in versions up to and including 2.1.6, 2.0.14 and 1.11.20. ExampleMatcher using ExampleMatcher.StringMatcher.STARTING, ExampleMatcher.StringMatcher.ENDING or ExampleMatcher.StringMatcher.CONTAINING could return more ...
3 years ago

CVE-2020-3802 - Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a use-after-free vulnerability. Successful exploitation could lead ...
3 years ago

CVE-2011-3802 - StatusNet 0.9.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tpl/index.php and certain other files. ...
12 years ago

CVE-2016-3802 - The kernel filesystem implementation in Android before 2016-07-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28271368. ...
8 years ago

CVE-2014-3802 - msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-call address, which allows remote attackers to ...
8 years ago

CVE-2005-3802 - Belkin F5D7232-4 and F5D7230-4 wireless routers with firmware 4.03.03 and 4.05.03, when a legitimate administrator is logged into the web management interface, allow remote attackers to access the management interface without authentication. ...
7 years ago

CVE-2017-3802 - A vulnerability in Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. More Information: CSCvc20679. Known ...
7 years ago

CVE-2009-3802 - Amiro.CMS 5.4.0.0 and earlier allows remote attackers to obtain sensitive information via an invalid loginname ("%%%") to _admin/index.php, which reveals the installation path and other information in an error message. ...
7 years ago

CVE-2012-3802 - Unspecified vulnerability in the Post Affiliate Pro (PAP) module for Drupal allows remote authenticated users to read the commissions of other users via unknown attack vectors. ...
7 years ago

CVE-2010-3802 - Integer signedness error in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted panorama atom in a QuickTime Virtual Reality (QTVR) movie ...
7 years ago

CVE-2002-0076 - Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet ...
6 years ago

CVE-2002-0058 - Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) ...
6 years ago

CVE-2013-3802 - Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search. ...
2 years ago

CVE-2022-3802 - A vulnerability has been found in IBAX go-ibax and classified as critical. This vulnerability affects unknown code of the file /api/v2/open/rowsInfo. The manipulation of the argument where leads to sql injection. The attack can be initiated remotely. ...
2 years ago

CVE-2023-3802 - A vulnerability was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Controller/Ajaxfileupload.ashx. The manipulation of the ...
1 year ago

CVE-2024-3802 - Vulnerabilities in Celeste 22.x was vulnerable to takeover from unauthenticated local attacker. ...
9 months ago Tenable.com

Latest Cyber News

CVE-2025-24973 - 1 hour ago
CVE-2025-24976 - 1 hour ago
CVE-2025-24807 - 1 hour ago
CVE-2025-24896 - 1 hour ago
CVE-2025-24897 - 1 hour ago
CVE-2025-24900 - 1 hour ago
CVE-2025-22467 - 1 hour ago
CVE-2024-47908 - 1 hour ago
CVE-2024-13813 - 1 hour ago
CVE-2024-13830 - 1 hour ago
CVE-2024-13842 - 1 hour ago
CVE-2024-13843 - 1 hour ago
CVE-2024-10644 - 1 hour ago
CVE-2024-11771 - 1 hour ago
CVE-2024-12058 - 1 hour ago
CVE-2024-12797 - 1 hour ago
CVE-2024-33659 - 2 hours ago
CVE-2025-1231 - 3 hours ago
CVE-2025-26492 - 3 hours ago
CVE-2025-26493 - 3 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2024-10334 - 1 day ago
CVE-2025-1149 - 1 day ago
CVE-2024-11831 - 1 day ago
CVE-2024-12133 - 1 day ago
CVE-2024-12243 - 1 day ago
CVE-2024-57950 - 1 day ago
CVE-2025-21686 - 1 day ago
CVE-2025-21687 - 1 day ago
CVE-2025-21688 - 1 day ago
CVE-2025-21689 - 1 day ago
CVE-2025-21690 - 1 day ago
CVE-2025-21691 - 1 day ago
CVE-2025-21692 - 1 day ago
CVE-2025-21693 - 1 day ago
CVE-2025-24031 - 1 day ago
CVE-2025-24032 - 1 day ago
CVE-2025-24892 - 1 day ago
CVE-2025-25186 - 1 day ago
CVE-2025-1150 - 1 day ago
CVE-2025-1151 - 1 day ago