Lucene search

PRIOn knowledge basePRION:CVE-2006-1731

HistoryApr 14, 2006 - 10:02 a.m.

Cross site scripting

2006-04-1410:02:00

PRIOn knowledge base

www.prio-n.com

5.5 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.205 Low

EPSS

Percentile

96.2%

JSON

Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 returns the Object class prototype instead of the global window object when (1) .valueOf.call or (2) .valueOf.apply are called without any arguments, which allows remote attackers to conduct cross-site scripting (XSS) attacks.

CPENameOperatorVersion
firefoxeq1.5 beta2
firefoxeq1.0.2
firefoxeq1.5 beta1
firefoxeq1.5
firefoxeq1.0.4
firefoxeq1.0
firefoxeq1.0.1
firefoxeq1.0.3
firefoxle1.0.7
firefoxeq1.0.5

Name	Operator	Version
firefox	eq	1.5 beta2
firefox	eq	1.0.2
firefox	eq	1.5 beta1
firefox	eq	1.5
firefox	eq	1.0.4
firefox	eq	1.0
firefox	eq	1.0.1
firefox	eq	1.0.3
firefox	le	1.0.7
firefox	eq	1.0.5

Rows per page:

1-10 of 301

References

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt

ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc

lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html

secunia.com/advisories/19631

secunia.com/advisories/19696

secunia.com/advisories/19714

secunia.com/advisories/19721

secunia.com/advisories/19729

secunia.com/advisories/19746

secunia.com/advisories/19759

secunia.com/advisories/19780

secunia.com/advisories/19794

secunia.com/advisories/19811

secunia.com/advisories/19821

secunia.com/advisories/19823

secunia.com/advisories/19852

secunia.com/advisories/19862

secunia.com/advisories/19863

secunia.com/advisories/19902

secunia.com/advisories/19941

secunia.com/advisories/19950

secunia.com/advisories/20051

secunia.com/advisories/21033

secunia.com/advisories/21622

sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1

sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1

support.avaya.com/elmodocs2/security/ASA-2006-205.htm

www.debian.org/security/2006/dsa-1044

www.debian.org/security/2006/dsa-1046

www.debian.org/security/2006/dsa-1051

www.gentoo.org/security/en/glsa/glsa-200604-12.xml

www.gentoo.org/security/en/glsa/glsa-200604-18.xml

www.gentoo.org/security/en/glsa/glsa-200605-09.xml

www.mandriva.com/security/advisories?name=MDKSA-2006:075

www.mandriva.com/security/advisories?name=MDKSA-2006:076

www.mandriva.com/security/advisories?name=MDKSA-2006:078

www.mozilla.org/security/announce/2006/mfsa2006-19.html

www.novell.com/linux/security/advisories/2006_04_25.html

www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html

www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html

www.redhat.com/support/errata/RHSA-2006-0328.html

www.redhat.com/support/errata/RHSA-2006-0329.html

www.redhat.com/support/errata/RHSA-2006-0330.html

www.securityfocus.com/archive/1/436296/100/0/threaded

www.securityfocus.com/archive/1/436338/100/0/threaded

www.securityfocus.com/archive/1/438730/100/0/threaded

www.securityfocus.com/bid/17516

www.vupen.com/english/advisories/2006/1356

www.vupen.com/english/advisories/2006/3391

exchange.xforce.ibmcloud.com/vulnerabilities/25820

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1955

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9604

usn.ubuntu.com/271-1/

usn.ubuntu.com/275-1/

usn.ubuntu.com/276-1/

5.5 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.205 Low

EPSS

Percentile

96.2%

JSON

Related for PRION:CVE-2006-1731