Home > Vulnerability Database > CVE-2006-0299

Mend.io Vulnerability Database

CVE-2006-0299

Date: February 2, 2006

The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 exposes the internal "AnyName" object to external interfaces, which allows multiple cooperating domains to exchange information in violation of the same origin restrictions.

Severity Score

6.5

Related Resources (15)

Url: http://www.securityfocus.com/archive/1/446657/100/200/threaded

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1625

Url: http://secunia.com/advisories/18704

Url: http://www.securityfocus.com/bid/16476

Url: http://secunia.com/advisories/18700

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-0299

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/24437

Url: http://www.mozilla.org/security/announce/2006/mfsa2006-08.html

Url: http://securitytracker.com/id?1015570

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=322312

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2006-0299

Url: http://www.vupen.com/english/advisories/2006/3749

Url: http://secunia.com/advisories/22065

Url: http://www.vupen.com/english/advisories/2006/0413

Url: https://www.mend.io/vulnerability-database/CVE-2006-0299

Severity Score

6.5

CVSS v3.1

Base Score:	6.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

CVSS v2

Base Score:	6.4
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2006-0299

Date: February 2, 2006

Severity Score

Related Resources (15)

Severity Score

CVSS v3.1

CVSS v2

Do you need more information?