Canonical » Ubuntu Linux » 5.10 : Security Vulnerabilities, CVEs, Published In 2006 (XSS)

cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*

CVE-2006-6503

Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript: URI.
Max CVSS
6.8
EPSS Score
15.64%
Published
2006-12-20
Updated
2018-10-17

CVE-2006-1741

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by (1) "using a modal alert to suspend an event handler while a new page is being loaded", (2) using eval(), and using certain variants involving (3) "new Script;" and (4) using window.__proto__ to extend eval, aka "cross-site JavaScript injection".
Max CVSS
4.3
EPSS Score
5.93%
Published
2006-04-14
Updated
2018-10-18
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close