CVE-2006-1740

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2006-1740
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site.

2.6 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:N/AC:H/Au:N/C:N/I:P/A:N

Exploitability : 4.9 / Impact : 2.9

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://www.mozilla.org/security/announce/2006/mfsa2006-12.html
https://bugzilla.mozilla.org/show_bug.cgi?id=271194
http://www.redhat.com/support/errata/RHSA-2006-0328.html
http://www.securityfocus.com/bid/17516
http://secunia.com/advisories/19631
http://www.debian.org/security/2006/dsa-1044
http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
http://secunia.com/advisories/19759
http://secunia.com/advisories/19794
http://www.debian.org/security/2006/dsa-1046
http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
http://secunia.com/advisories/19811
http://secunia.com/advisories/19852
http://secunia.com/advisories/19862
http://secunia.com/advisories/19863
http://secunia.com/advisories/19902
http://www.debian.org/security/2006/dsa-1051
http://secunia.com/advisories/19941
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
http://secunia.com/advisories/19714
http://secunia.com/advisories/19721
http://secunia.com/advisories/19746
http://www.redhat.com/support/errata/RHSA-2006-0329.html
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
http://secunia.com/advisories/21033
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
http://secunia.com/advisories/21622
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
http://secunia.com/advisories/19696
http://secunia.com/advisories/19729
http://www.mandriva.com/security/advisories?name=MDKSA-2006:075
http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
http://www.vupen.com/english/advisories/2006/1356
https://exchange.xforce.ibmcloud.com/vulnerabilities/25813
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1811
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10424
https://usn.ubuntu.com/275-1/
https://usn.ubuntu.com/271-1/
http://www.securityfocus.com/archive/1/438730/100/0/threaded
http://www.securityfocus.com/archive/1/436338/100/0/threaded
http://www.securityfocus.com/archive/1/436296/100/0/threaded
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:*:beta:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
Information

Published : 2006-04-14 03:02

Updated : 2018-10-18 09:35

NVD link : CVE-2006-1740

Mitre link : CVE-2006-1740

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

mozilla

  • firefox
  • thunderbird
  • seamonkey
  • mozilla_suite