CVE Vulnerabilities

CVE-2006-2785

Published: Jun 02, 2006 | Modified: Oct 18, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a View Image on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting Show only this frame on a frame whose SRC attribute contains a Javascript URL.

Affected Software

Name Vendor Start Version End Version
Firefox Mozilla * 1.5.0.3 (including)
Firefox Ubuntu dapper *
Firefox-granparadiso Ubuntu devel *
Lightning-sunbird Ubuntu devel *
Midbrowser Ubuntu devel *
Xulrunner Ubuntu devel *
Xulrunner Ubuntu edgy *
Xulrunner Ubuntu feisty *
Red Hat Enterprise Linux 3 RedHat seamonkey-0:1.0.2-0.1.0.EL3 *
Red Hat Enterprise Linux 4 RedHat devhelp-0:0.10-0.2.el4 *
Red Hat Enterprise Linux 4 RedHat seamonkey-0:1.0.3-0.el4.1 *
Red Hat Enterprise Linux 4 RedHat firefox-0:1.5.0.5-0.el4.1 *
Red Hat Enterprise Linux 4 RedHat thunderbird-0:1.5.0.5-0.el4.1 *
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 RedHat *
Red Hat Enterprise Linux ES version 2.1 RedHat *
Red Hat Enterprise Linux WS version 2.1 RedHat *
Red Hat Linux Advanced Workstation 2.1 RedHat *

References