cbcvebase.
CVE-2006-4569
published 2006-09-15

CVE-2006-4569: The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked popups" display in the context of the Location bar instead of the subframe from which…

PriorityP47low2.6CVSS 2.0
AVNACHAuNCNIPAN
EPSS
2.13%
79.7th percentile
The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked popups" display in the context of the Location bar instead of the subframe from which the popup originated, which might make it easier for remote user-assisted attackers to conduct cross-site scripting (XSS) attacks.

Affected

7 ranges
VendorProductVersion rangeFixed in
debianfirefox< firefox 1.5.dfsg+1.5.0.7-1 (sid)firefox 1.5.dfsg+1.5.0.7-1 (sid)
debianthunderbird< firefox 1.5.dfsg+1.5.0.7-1 (sid)firefox 1.5.dfsg+1.5.0.7-1 (sid)
mozillafirefox<= 1.5.0.6
mozillathunderbird>= 0 < 1.5.0.7-11.5.0.7-1
mozillathunderbird>= 0 < 1.5.0.7-11.5.0.7-1
mozillathunderbird>= 0 < 1.5.0.7-11.5.0.7-1
mozillathunderbird>= 0 < 1.5.0.7-11.5.0.7-1

CVSS provenance

nvdv2.02.6LOWAV:N/AC:H/Au:N/C:N/I:P/A:N
osv2.6LOW
vendor_ubuntu7.6HIGH
vendor_debian2.6LOW
vendor_redhat2.6LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.