CVE-2006-1741 Information

Description

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by (1) "using a modal alert to suspend an event handler while a new page is being loaded", (2) using eval(), and using certain variants involving (3) "new Script;" and (4) using window.__proto__ to extend eval, aka "cross-site JavaScript injection".

Reference

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
http://secunia.com/advisories/19631
http://secunia.com/advisories/19696
http://secunia.com/advisories/19714
http://secunia.com/advisories/19721
http://secunia.com/advisories/19729
http://secunia.com/advisories/19746
http://secunia.com/advisories/19759
http://secunia.com/advisories/19780
http://secunia.com/advisories/19811
http://secunia.com/advisories/19821
http://secunia.com/advisories/19823
http://secunia.com/advisories/19852
http://secunia.com/advisories/19862
http://secunia.com/advisories/19863
http://secunia.com/advisories/19902
http://secunia.com/advisories/19941
http://secunia.com/advisories/19950
http://secunia.com/advisories/20051
http://secunia.com/advisories/21033
http://secunia.com/advisories/21622
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
http://www.debian.org/security/2006/dsa-1044
http://www.debian.org/security/2006/dsa-1046
http://www.debian.org/security/2006/dsa-1051
http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
http://www.mandriva.com/security/advisories?name=MDKSA-2006:078
http://www.mozilla.org/security/announce/2006/mfsa2006-09.html
http://www.novell.com/linux/security/advisories/2006_04_25.html
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
http://www.redhat.com/support/errata/RHSA-2006-0328.html
http://www.redhat.com/support/errata/RHSA-2006-0329.html
http://www.redhat.com/support/errata/RHSA-2006-0330.html
http://www.securityfocus.com/archive/1/436296/100/0/threaded
http://www.securityfocus.com/archive/1/436338/100/0/threaded
http://www.securityfocus.com/archive/1/438730/100/0/threaded
http://www.vupen.com/english/advisories/2006/1356
https://exchange.xforce.ibmcloud.com/vulnerabilities/25806
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1855
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9167
https://usn.ubuntu.com/271-1/
https://usn.ubuntu.com/275-1/
https://usn.ubuntu.com/276-1/
