CVE-2006-4568

Published: 15/09/2006 Updated: 17/10/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Mozilla Firefox prior to 1.5.0.7 and SeaMonkey prior to 1.0.5 allow remote malicious users to bypass the security model and inject content into the sub-frame of another site via targetWindow.frames[n].document.open(), which facilitates spoofing and other attacks.

Vulnerable Product

mozilla firefox

mozilla seamonkey

Vendor Advisories

Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious web page containing JavaScript (CVE-2006-4253, CVE-2006-4565, CVE-2006-4566, CVE-2006-4568, CVE-2006-4569, CVE-2006-4571) ...
Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious URL (CVE-2006-2788, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3809, CVE-2006-3811, CVE-2006-4565, CVE-2006-4568, CVE-2006-4571) ...
Several security-related problems have been discovered in Mozilla and derived products such as Mozilla Firefox. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2006-2788: Fernando Ribeiro discovered that a vulnerability in the getRawDER function allows remote attackers to cause a denial of serv ...
Several security-related problems have been discovered in Mozilla and derived products such as Mozilla Thunderbird. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2006-2788: Fernando Ribeiro discovered that a vulnerability in the getRawDER function allows remote attackers to cause a denial of ...
Mozilla Foundation Security Advisory 2006-61: Frame spoofing using document.open(). Announced: September 14, 2006. Reporter: shutdown. Impact: Low. Products: Firefox, SeaMonkey. Fixed in: Fir ...

References

CWE-79
http://www.mozilla.org/security/announce/2006/mfsa2006-61.html
http://www.redhat.com/support/errata/RHSA-2006-0676.html
http://secunia.com/advisories/21906
http://secunia.com/advisories/21949
http://www.redhat.com/support/errata/RHSA-2006-0675.html
http://www.securityfocus.com/bid/20042
http://securitytracker.com/id?1016855
http://securitytracker.com/id?1016856
http://secunia.com/advisories/21915
http://secunia.com/advisories/21940
http://secunia.com/advisories/21950
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc
http://secunia.com/advisories/22036
http://secunia.com/advisories/22001
http://security.gentoo.org/glsa/glsa-200609-19.xml
http://www.novell.com/linux/security/advisories/2006_54_mozilla.html
http://www.ubuntu.com/usn/usn-351-1
http://www.ubuntu.com/usn/usn-354-1
http://secunia.com/advisories/22025
http://www.us.debian.org/security/2006/dsa-1191
http://secunia.com/advisories/22210
http://secunia.com/advisories/22247
http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm
http://www.debian.org/security/2006/dsa-1192
http://security.gentoo.org/glsa/glsa-200610-04.xml
http://www.ubuntu.com/usn/usn-361-1
http://secunia.com/advisories/22299
http://secunia.com/advisories/22342
http://secunia.com/advisories/22391
http://secunia.com/advisories/22422
http://www.debian.org/security/2006/dsa-1210
http://secunia.com/advisories/22849
http://secunia.com/advisories/22056
http://secunia.com/advisories/22195
https://issues.rpath.com/browse/RPL-640
http://secunia.com/advisories/24711
https://bugzilla.mozilla.org/show_bug.cgi?id=343168
http://www.mandriva.com/security/advisories?name=MDKSA-2006:168
http://secunia.com/advisories/22066
http://www.vupen.com/english/advisories/2008/0083
http://www.vupen.com/english/advisories/2006/3617
http://www.vupen.com/english/advisories/2006/3748
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742
http://www.vupen.com/english/advisories/2007/1198
https://exchange.xforce.ibmcloud.com/vulnerabilities/28961
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9843
http://www.securityfocus.com/archive/1/446140/100/0/threaded
https://nvd.nist.gov
https://usn.ubuntu.com/351-1/