CVE-2006-1740

14 documents9 sources

Severity

2.6LOW

EPSS

2.2%

top 15.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Mozilla Suite Mozilla Seamonkey +1 more

Timeline

PublishedApr 14

Latest updateMay 3

Description

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site.

CVSS vector

AV:N/AC:H/C:N/I:P/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages5 packages

▶NVDmozilla/firefox1.0.7+8

▶NVDmozilla/seamonkey1.0+1

▶NVDmozilla/mozilla_suite1.7.12+5

▶NVDmozilla/thunderbird1.0.7+8

▶Debianthunderbird< 1.5.0.2-1+3

🔴Vulnerability Details

GHSA

GHSA-3gq2-8vxj-g5w7: Mozilla Firefox 1↗2022-05-03

▶

CVEList

CVE-2006-1740: Mozilla Firefox 1↗2006-04-14

▶

OSV

CVE-2006-1740: Mozilla Firefox 1↗2006-04-14

▶

💥Exploits & PoCs

Exploit-DB

Apple Mac OSX 10.4.5 Mail.app - Real Name Buffer Overflow↗2006-03-13

▶

📋Vendor Advisories

Ubuntu

Mozilla vulnerabilities↗2006-04-28

▶

Ubuntu

Firefox vulnerabilities↗2006-04-20

▶

Red Hat

security flaw↗2006-04-14

▶

Debian

CVE-2006-1740: firefox - Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7....↗2006

▶

💬Community

Bugzilla

CVE-2006-1740 security flaw↗2018-08-16

▶

Bugzilla

CVE-2006-1740 Secure-site spoof (requires security warning dialog)↗2006-04-13

▶

Bugzilla

CVE-2006-1740 Secure-site spoof (requires security warning dialog)↗2006-04-13

▶

Bugzilla

CVE-2006-1740 Secure-site spoof (requires security warning dialog)↗2006-04-13

▶

Bugzilla

CVE-2006-1740 Secure-site spoof (requires security warning dialog)↗2006-04-13

▶