Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2006-1741

Date: April 14, 2006

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by (1) "using a modal alert to suspend an event handler while a new page is being loaded", (2) using eval(), and using certain variants involving (3) "new Script;" and (4) using window.__proto__ to extend eval, aka "cross-site JavaScript injection".

Severity Score

Related Resources (53)

http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
http://secunia.com/advisories/19811
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
http://secunia.com/advisories/19852
http://secunia.com/advisories/19780
http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
http://www.mandriva.com/security/advisories?name=MDKSA-2006:078
http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
https://exchange.xforce.ibmcloud.com/vulnerabilities/25806
http://www.debian.org/security/2006/dsa-1044
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
http://www.debian.org/security/2006/dsa-1046
http://secunia.com/advisories/19902
http://www.securityfocus.com/archive/1/436296/100/0/threaded
http://secunia.com/advisories/19823
http://secunia.com/advisories/19746
http://secunia.com/advisories/19941
http://secunia.com/advisories/19821
http://secunia.com/advisories/19862
http://secunia.com/advisories/19863
http://secunia.com/advisories/21622
http://www.securityfocus.com/archive/1/436338/100/0/threaded
http://secunia.com/advisories/20051
http://www.vupen.com/english/advisories/2006/1356
http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
http://secunia.com/advisories/19714
http://secunia.com/advisories/19759
http://secunia.com/advisories/19631
http://secunia.com/advisories/19950
http://www.redhat.com/support/errata/RHSA-2006-0330.html
http://www.novell.com/linux/security/advisories/2006_04_25.html
http://www.securityfocus.com/archive/1/438730/100/0/threaded
http://www.debian.org/security/2006/dsa-1051
https://usn.ubuntu.com/276-1/
http://secunia.com/advisories/21033
http://www.redhat.com/support/errata/RHSA-2006-0328.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1855
http://secunia.com/advisories/19729
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
http://www.mozilla.org/security/announce/2006/mfsa2006-09.html
https://nvd.nist.gov/vuln/detail/CVE-2006-1741
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
http://secunia.com/advisories/19721
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9167
https://usn.ubuntu.com/271-1/
http://www.redhat.com/support/errata/RHSA-2006-0329.html
http://secunia.com/advisories/19696
http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
https://usn.ubuntu.com/275-1/
https://www.mend.io/vulnerability-database/CVE-2006-1741

Severity Score

Weakness Type (CWE)

Cross-Site Scripting (XSS)

CWE-79

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): LOW
Availability (A): NONE

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): MEDIUM
Authentication (AU): NONE
Confidentiality (C): NONE
Integrity (I): PARTIAL
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us