CVE-2006-4569

medium

Description

The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked popups" display in the context of the Location bar instead of the subframe from which the popup originated, which might make it easier for remote user-assisted attackers to conduct cross-site scripting (XSS) attacks.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10650

https://issues.rpath.com/browse/RPL-640

https://exchange.xforce.ibmcloud.com/vulnerabilities/28957

http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742

http://www.vupen.com/english/advisories/2008/0083

http://www.vupen.com/english/advisories/2007/1198

http://www.vupen.com/english/advisories/2006/3748

http://www.ubuntu.com/usn/usn-354-1

http://www.ubuntu.com/usn/usn-351-1

http://www.securityfocus.com/bid/20042

http://www.securityfocus.com/archive/1/446140/100/0/threaded

http://www.redhat.com/support/errata/RHSA-2006-0675.html

http://www.novell.com/linux/security/advisories/2006_54_mozilla.html

http://www.mozilla.org/security/announce/2006/mfsa2006-62.html

http://www.mandriva.com/security/advisories?name=MDKSA-2006:168

http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm

http://securitytracker.com/id?1016849

http://security.gentoo.org/glsa/glsa-200609-19.xml

http://secunia.com/advisories/24711

http://secunia.com/advisories/22422

http://secunia.com/advisories/22210

http://secunia.com/advisories/22195

http://secunia.com/advisories/22066

http://secunia.com/advisories/22056

http://secunia.com/advisories/22025

http://secunia.com/advisories/22001

http://secunia.com/advisories/21950

http://secunia.com/advisories/21949

Details

Source: Mitre, NVD

Published: 2006-09-15

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 2.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium