Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2006-2785

Опубликовано: 02 июн. 2006
Источник: ubuntu
Приоритет: untriaged
CVSS2: 4.3

Описание

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a "View Image" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting "Show only this frame" on a frame whose SRC attribute contains a Javascript URL.

РелизСтатусПримечание
dapper

released

1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1
edgy

not-affected

feisty

not-affected

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

3.0~alpha7-0ubuntu6
edgy

DNE

feisty

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

0.5-0ubuntu4
edgy

DNE

feisty

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

0.1.6b-0ubuntu2
edgy

DNE

feisty

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

not-affected

devel

DNE

edgy

not-affected

feisty

not-affected

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.8.0.5-4.2
edgy

released

1.8.0.5-4.2
feisty

released

1.8.0.5-4.2
upstream

needs-triage

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2006-2785

redhat
около 19 лет назад

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a "View Image" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting "Show only this frame" on a frame whose SRC attribute contains a Javascript URL.

nvd логотип

CVE-2006-2785

nvd
около 19 лет назад

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a "View Image" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting "Show only this frame" on a frame whose SRC attribute contains a Javascript URL.

debian логотип

CVE-2006-2785

debian
около 19 лет назад

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5 ...

github логотип

GHSA-g55j-rqcq-fhgc

github
больше 3 лет назад

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a "View Image" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting "Show only this frame" on a frame whose SRC attribute contains a Javascript URL.

4.3 Medium

CVSS2