CVE-2006-3810 — Cross-site Scripting in Firefox
17 documents7 sources
Severity
6.8MEDIUMNVD
EPSS
13.6%
top 5.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 27
Latest updateMay 3
Description
Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapper(window).Function construct.
CVSS vector
AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4
Affected Packages6 packages
Patches
🔴Vulnerability Details
2📋Vendor Advisories
5💬Community
9Bugzilla▶
major (public) security flaws fixed in firefox 1.5.0.5: CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803,CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3↗2006-07-27
Bugzilla▶
CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-↗2006-07-26
Bugzilla▶
CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-↗2006-07-25