Lucene search

[email protected]NVD:CVE-2006-3810

HistoryJul 27, 2006 - 8:04 p.m.

CVE-2006-3810

2006-07-2720:04:00

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

5.3 Medium

AI Score

Confidence

High

0.32 Low

EPSS

Percentile

97.0%

JSON

Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapper(window).Function construct.

Affected configurations

NVD

Node

mozillafirefoxMatch1.5

mozillafirefoxMatch1.5.0.1

mozillafirefoxMatch1.5.0.2

mozillafirefoxMatch1.5.0.3

mozillafirefoxMatch1.5.0.4

mozillaseamonkeyMatch1.0

mozillaseamonkeyMatch1.0dev

mozillaseamonkeyMatch1.0.1

mozillaseamonkeyMatch1.0.2

mozillathunderbirdMatch1.5

mozillathunderbirdMatch1.5.0.2

mozillathunderbirdMatch1.5.0.4

References

ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc

rhn.redhat.com/errata/RHSA-2006-0609.html

secunia.com/advisories/19873

secunia.com/advisories/21216

secunia.com/advisories/21228

secunia.com/advisories/21229

secunia.com/advisories/21243

secunia.com/advisories/21246

secunia.com/advisories/21250

secunia.com/advisories/21262

secunia.com/advisories/21269

secunia.com/advisories/21270

secunia.com/advisories/21275

secunia.com/advisories/21336

secunia.com/advisories/21343

secunia.com/advisories/21358

secunia.com/advisories/21361

secunia.com/advisories/21529

secunia.com/advisories/21532

secunia.com/advisories/21607

secunia.com/advisories/21631

secunia.com/advisories/21634

secunia.com/advisories/21654

secunia.com/advisories/22055

secunia.com/advisories/22065

secunia.com/advisories/22066

secunia.com/advisories/22210

security.gentoo.org/glsa/glsa-200608-02.xml

security.gentoo.org/glsa/glsa-200608-04.xml

securitytracker.com/id?1016586

securitytracker.com/id?1016587

securitytracker.com/id?1016588

www.debian.org/security/2006/dsa-1159

www.debian.org/security/2006/dsa-1160

www.gentoo.org/security/en/glsa/glsa-200608-03.xml

www.kb.cert.org/vuls/id/911004

www.mandriva.com/security/advisories?name=MDKSA-2006:143

www.mandriva.com/security/advisories?name=MDKSA-2006:145

www.mandriva.com/security/advisories?name=MDKSA-2006:146

www.mozilla.org/security/announce/2006/mfsa2006-54.html

www.novell.com/linux/security/advisories/2006_48_seamonkey.html

www.redhat.com/support/errata/RHSA-2006-0594.html

www.redhat.com/support/errata/RHSA-2006-0608.html

www.redhat.com/support/errata/RHSA-2006-0610.html

www.redhat.com/support/errata/RHSA-2006-0611.html

www.securityfocus.com/archive/1/441333/100/0/threaded

www.securityfocus.com/archive/1/446657/100/200/threaded

www.securityfocus.com/archive/1/446658/100/200/threaded

www.securityfocus.com/bid/19181

www.ubuntu.com/usn/usn-350-1

www.ubuntu.com/usn/usn-354-1

www.vupen.com/english/advisories/2006/2998

www.vupen.com/english/advisories/2006/3748

www.vupen.com/english/advisories/2006/3749

www.vupen.com/english/advisories/2008/0083

exchange.xforce.ibmcloud.com/vulnerabilities/27991

issues.rpath.com/browse/RPL-536

issues.rpath.com/browse/RPL-537

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10113

usn.ubuntu.com/327-1/

usn.ubuntu.com/329-1/

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

5.3 Medium

AI Score

Confidence

High

0.32 Low

EPSS

Percentile

97.0%

JSON

Related for NVD:CVE-2006-3810

ubuntucve1 cvelist1 cve1 mozilla1 cert1 debiancve1 nessus29 openvas21 osv2 debian4 gentoo3 ubuntu3 centos5 suse1 freebsd1 redhat5 oraclelinux2