VDB
CVE-2006-2785
CVE-2006-2785
PUBLISHED
CVSS 4.300000190734863 MEDIUM
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a "View Image" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting "Show only this frame" on a frame whose SRC attribute contains a Javascript URL.
EPSS 2.01% · 84.1th percentile
Risk Scores
CVSS 2.0
4.300000190734863
EPSS Score
2.01%
84.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| mozilla | firefox | 0, 0, 0 |
| n/a | n/a | n/a, n/a |
Exploit Intelligence
- 21176 (circl)
- MDKSA-2006:145 (circl)
- ADV-2006-3748 (circl)
- USN-296-1 (circl)
- USN-323-1 (circl)
- 20561 (circl)
- RHSA-2006:0594 (circl)
- 21336 (circl)
- 20060602 rPSA-2006-0091-1 firefox thunderbird (circl)
- RHSA-2006:0610 (circl)
…and 29 more exploits
Timeline
- Jun 2, 2006 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 6, 2023 EPSS Score
- May 14, 2023 EPSS Score
- Jun 21, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- http://secunia.com/advisories/21324 technical
- http://secunia.com/advisories/21336 technical
- http://secunia.com/advisories/21532 technical
- http://secunia.com/advisories/21631 technical
- http://secunia.com/advisories/22066 technical
- http://securitytracker.com/id?1016202 technical
- http://secunia.com/advisories/21176 technical
- http://secunia.com/advisories/21178 technical
- http://secunia.com/advisories/21183 technical
- http://secunia.com/advisories/21188 technical
- http://secunia.com/advisories/21269 technical
- http://secunia.com/advisories/21270 technical
- MDKSA-2006:145 vendor-advisory
- ADV-2006-3748 vdb
- USN-296-1 vendor-advisory
- USN-323-1 vendor-advisory
- 20561 third-party-advisory
- RHSA-2006:0594 vendor-advisory
- 20060602 rPSA-2006-0091-1 firefox thunderbird mailing-list
- RHSA-2006:0610 vendor-advisory
…and 23 more