CVE-2006-4569 Information

Description

The popup blocker in Mozilla Firefox before 1.5.0.7 opens the \blocked popups\ display in the context of the Location bar instead of the subframe from which the popup originated which might make it easier for remote user-assisted attackers to conduct cross-site scripting (XSS) attacks.

Reference

http://secunia.com/advisories/21949 http://secunia.com/advisories/21950 http://secunia.com/advisories/22001 http://secunia.com/advisories/22025 http://secunia.com/advisories/22056 http://secunia.com/advisories/22066 http://secunia.com/advisories/22195 http://secunia.com/advisories/22210 http://secunia.com/advisories/22422 http://secunia.com/advisories/24711 http://security.gentoo.org/glsa/glsa-200609-19.xml http://securitytracker.com/id?1016849 http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm http://www.mandriva.com/security/advisories?name=MDKSA-2006:168 http://www.mozilla.org/security/announce/2006/mfsa2006-62.html http://www.novell.com/linux/security/advisories/2006_54_mozilla.html http://www.redhat.com/support/errata/RHSA-2006-0675.html http://www.securityfocus.com/archive/1/446140/100/0/threaded http://www.securityfocus.com/bid/20042 http://www.ubuntu.com/usn/usn-351-1 http://www.ubuntu.com/usn/usn-354-1 http://www.vupen.com/english/advisories/2006/3748 http://www.vupen.com/english/advisories/2007/1198 http://www.vupen.com/english/advisories/2008/0083 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742 https://exchange.xforce.ibmcloud.com/vulnerabilities/28957 https://issues.rpath.com/browse/RPL-640 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10650