GSD-2006-2785 — Vulnetix

Try Vulnetix Request Demo

GSD-2006-2785 PUBLISHED

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a "View Image" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting "Show only this frame" on a frame whose SRC attribute contains a Javascript URL.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a

Timeline

Apr 20, 2026 Distribution Patch
Apr 20, 2026 Distribution Patch
Apr 20, 2026 Distribution Patch
Apr 20, 2026 Security Advisory
Apr 20, 2026 Security Advisory
Apr 20, 2026 Security Advisory
Apr 20, 2026 CVE Published

References

21176 third-party-advisory
MDKSA-2006:145 vendor-advisory
ADV-2006-3748 vdb
USN-296-1 vendor-advisory
USN-323-1 vendor-advisory
20561 third-party-advisory
RHSA-2006:0594 vendor-advisory
21336 third-party-advisory
20060602 rPSA-2006-0091-1 firefox thunderbird mailing-list
RHSA-2006:0610 vendor-advisory
20376 third-party-advisory
RHSA-2006:0609 vendor-advisory
mozilla-viewimage-xss(26845) vdb
21178 third-party-advisory
1016202 vdb
18228 vdb
21532 third-party-advisory
21270 third-party-advisory
ADV-2008-0083 vdb
http://www.mozilla.org/security/announce/2006/mfsa2006-34.html url

…and 19 more

Open in Interactive Console →