Description Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to bypass same-origin protections and conduct cross-site scripting (XSS) attacks via unspecified vectors involving the window.controllers array.
CVSS vector AV:N/AC:M/C:N/I:P/A:N Exploitability: 8.6 | Impact: 2.9 Confidentiality: None
Availability: None
Affected Packages6 packages Show 1 more packages
🔴 Vulnerability Details2 GHSA GHSA-q8q4-prmv-qrjp: Unspecified vulnerability in Mozilla Firefox and Thunderbird 1 ↗ 2022-05-03 ▶ OSV CVE-2006-1732: Unspecified vulnerability in Mozilla Firefox and Thunderbird 1 ↗ 2006-04-14 ▶
📋 Vendor Advisories5 Ubuntu Thunderbird vulnerabilities ↗ 2006-05-03 ▶ Ubuntu Mozilla vulnerabilities ↗ 2006-04-28 ▶ Ubuntu Firefox vulnerabilities ↗ 2006-04-20 ▶ Debian CVE-2006-1732: firefox - Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and ... ↗ 2006 ▶
💬 Community9 Bugzilla CVE-2006-1732 security flaw ↗ 2018-08-16 ▶ Bugzilla Mozilla Thunderbird multiple vulnerabilities (CVE-2006-0749, CVE-2006-1724, CVE-2006-1730, CVE-2006-0292, et al.) ↗ 2006-04-22 ▶ Bugzilla multiple critical Firefox, Mozilla vulnerabilities (CVE-2006-0749, CVE-2006-1724, et al.) ↗ 2006-04-17 ▶ Bugzilla CVE-2006-1732 cross-site scripting through window.controllers ↗ 2006-04-13 ▶ Bugzilla CVE-2006-1732 cross-site scripting through window.controllers ↗ 2006-04-13 ▶ Show 4 more