[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250038

 
 

909

 
 

195843

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-3810Date: (C)2006-07-27   (M)2023-12-22


Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapper(window).Function construct.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1016586
SECTRACK-1016587
SECTRACK-1016588
BID-19181
SECUNIA-19873
20060703-01-P
http://www.securityfocus.com/archive/1/archive/1/441333/100/0/threaded
SECUNIA-21216
SECUNIA-21228
SECUNIA-21229
SECUNIA-21243
SECUNIA-21246
SECUNIA-21250
SECUNIA-21262
SECUNIA-21269
SECUNIA-21270
SECUNIA-21275
SECUNIA-21336
SECUNIA-21343
SECUNIA-21358
SECUNIA-21361
SECUNIA-21529
SECUNIA-21532
SECUNIA-21607
SECUNIA-21631
SECUNIA-21634
SECUNIA-21654
SECUNIA-22055
SECUNIA-22065
SECUNIA-22066
SECUNIA-22210
ADV-2006-2998
ADV-2006-3748
ADV-2006-3749
ADV-2008-0083
DSA-1159
DSA-1160
GLSA-200608-02
GLSA-200608-03
GLSA-200608-04
HPSBUX02153
HPSBUX02156
MDKSA-2006:143
MDKSA-2006:145
MDKSA-2006:146
RHSA-2006:0594
RHSA-2006:0608
RHSA-2006:0609
RHSA-2006:0610
RHSA-2006:0611
SSRT061181
SUSE-SA:2006:048
USN-327-1
USN-329-1
USN-350-1
USN-354-1
VU#911004
http://www.mozilla.org/security/announce/2006/mfsa2006-54.html
https://issues.rpath.com/browse/RPL-536
https://issues.rpath.com/browse/RPL-537
mozilla-xpcnativewrapper-xss(27991)

CPE    11
cpe:/a:mozilla:seamonkey:1.0.1
cpe:/a:mozilla:seamonkey:1.0.2
cpe:/a:mozilla:seamonkey:1.0
cpe:/a:mozilla:firefox:1.5.0.4
...

© SecPod Technologies