CVE-2006-2785 — Vulnetix

Try Vulnetix Request Demo

CVE-2006-2785 PUBLISHED CVSS 4.300000190734863 MEDIUM

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a "View Image" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting "Show only this frame" on a frame whose SRC attribute contains a Javascript URL.

EPSS 2.01% · 83.6th percentile

Risk Scores

CVSS v2.0

4.300000190734863

EPSS Score

2.01%

83.6th percentile

Affected Products

Vendor	Product	Versions
mozilla	firefox	0, 0, 0
n/a	n/a	n/a, n/a

Timeline

Jun 2, 2006 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 6, 2023 EPSS Score
May 14, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score

References

http://secunia.com/advisories/21324 technical
http://secunia.com/advisories/21336 technical
http://secunia.com/advisories/21532 technical
http://secunia.com/advisories/21631 technical
http://secunia.com/advisories/22066 technical
http://securitytracker.com/id?1016202 technical
http://secunia.com/advisories/21176 technical
http://secunia.com/advisories/21178 technical
http://secunia.com/advisories/21183 technical
http://secunia.com/advisories/21188 technical
http://secunia.com/advisories/21269 technical
http://secunia.com/advisories/21270 technical
MDKSA-2006:145 vendor-advisory
ADV-2006-3748 vdb
USN-296-1 vendor-advisory
USN-323-1 vendor-advisory
20561 third-party-advisory
RHSA-2006:0594 vendor-advisory
20060602 rPSA-2006-0091-1 firefox thunderbird mailing-list
RHSA-2006:0610 vendor-advisory

…and 23 more

Open in Interactive Console →