Vulnerability Details : CVE-2006-4569
The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked popups" display in the context of the Location bar instead of the subframe from which the popup originated, which might make it easier for remote user-assisted attackers to conduct cross-site scripting (XSS) attacks.
Vulnerability category: Cross site scripting (XSS)
Products affected by CVE-2006-4569
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-4569
0.53%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 77 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-4569
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.6
|
LOW | AV:N/AC:H/Au:N/C:N/I:P/A:N |
4.9
|
2.9
|
NIST |
References for CVE-2006-4569
-
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742
-
http://www.securityfocus.com/archive/1/446140/100/0/threaded
-
http://www.ubuntu.com/usn/usn-354-1
500: Server error | Ubuntu
-
http://www.vupen.com/english/advisories/2008/0083
Webmail: access your OVH emails on ovhcloud.com | OVHcloud
-
http://www.ubuntu.com/usn/usn-351-1
USN-351-1: firefox vulnerabilities | Ubuntu security notices | Ubuntu
-
http://www.redhat.com/support/errata/RHSA-2006-0675.html
Support
-
http://security.gentoo.org/glsa/glsa-200609-19.xml
Mozilla Firefox: Multiple vulnerabilities (GLSA 200609-19) — Gentoo security
-
http://www.mozilla.org/security/announce/2006/mfsa2006-62.html
Popup-blocker cross-site scripting (XSS) — MozillaVendor Advisory
-
http://www.novell.com/linux/security/advisories/2006_54_mozilla.html
404 Page Not Found | SUSE
-
http://www.mandriva.com/security/advisories?name=MDKSA-2006:168
Mandriva
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10650
404 Not Found
-
http://securitytracker.com/id?1016849
GoDaddy Domain Name Search
-
https://issues.rpath.com/browse/RPL-640
-
http://www.securityfocus.com/bid/20042
-
http://www.vupen.com/english/advisories/2006/3748
Site en construction
-
http://www.vupen.com/english/advisories/2007/1198
Site en construction
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/28957
Mozilla Firefox popup blocker cross-site scripting CVE-2006-4569 Vulnerability Report
-
http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm
ASA-2006-224 (RHSA-2006-0675)
Jump to