XSS in Mozilla Firefox
CVE-2006-1741
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by (1) "using a modal alert to suspend an event handler wh…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.039 (88.9th percentile) — read the EPSS interpretation.
Affected products
- Mozilla Firefox — versions 1.5
- Mozilla Mozilla_suite
- Mozilla Seamonkey
- Canonical Ubuntu_linux — versions 4.10, 5.04, 5.10
- N/a — versions n/a
Weakness classification (CWE)
References
- secalert@redhat.com (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)
- secalert@redhat.com (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
- secalert@redhat.com (x_refsource_SECUNIA, Third Party Advisory, third-party-advisory)
- secalert@redhat.com (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)
- secalert@redhat.com (x_refsource_CONFIRM, Exploit)
- secalert@redhat.com (x_refsource_HP, vendor-advisory)
- secalert@redhat.com (x_refsource_SECUNIA, Third Party Advisory, third-party-advisory)
- secalert@redhat.com (x_refsource_SECUNIA, Third Party Advisory, third-party-advisory)
- secalert@redhat.com (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
- secalert@redhat.com (x_refsource_SECUNIA, Third Party Advisory, third-party-advisory)