NVD

Id
61470  
Name
CVE-2006-2785  
Description
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a "View Image" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting "Show only this frame" on a frame whose SRC attribute contains a Javascript URL.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2016-12-20  
Published
2006-06-02  
Modified Date
2011-03-07  
Seq
2006-2785  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
317918 61470 CVE-2006-2785 oval:org.mitre.oval:def:10545  View
317919 61470 CVE-2006-2785 RHSA-2006:0609  View
317920 61470 CVE-2006-2785 1016202  View
317921 61470 CVE-2006-2785 DSA-1118  View
317922 61470 CVE-2006-2785 DSA-1120  View
317923 61470 CVE-2006-2785 DSA-1134  View
317924 61470 CVE-2006-2785 GLSA-200606-12  View
317925 61470 CVE-2006-2785 MDKSA-2006:143  View
317926 61470 CVE-2006-2785 MDKSA-2006:145  View
317927 61470 CVE-2006-2785 http://www.mozilla.org/security/announce/2006/mfsa2006-34.html  View
317928 61470 CVE-2006-2785 SUSE-SA:2006:035  View
317929 61470 CVE-2006-2785 RHSA-2006:0578  View
317930 61470 CVE-2006-2785 RHSA-2006:0594  View
317931 61470 CVE-2006-2785 RHSA-2006:0610  View
317932 61470 CVE-2006-2785 RHSA-2006:0611  View
317933 61470 CVE-2006-2785 20060602 rPSA-2006-0091-1 firefox thunderbird  View
317934 61470 CVE-2006-2785 SSRT061181  View
317935 61470 CVE-2006-2785 18228  View
317936 61470 CVE-2006-2785 USN-296-1  View
317937 61470 CVE-2006-2785 USN-296-2  View
317938 61470 CVE-2006-2785 USN-323-1  View
317939 61470 CVE-2006-2785 ADV-2006-2106  View
317940 61470 CVE-2006-2785 ADV-2006-3748  View
317941 61470 CVE-2006-2785 ADV-2008-0083  View
317942 61470 CVE-2006-2785 mozilla-viewimage-xss(26845)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
58129 JVNDB-2006-000325 Mozilla Firefox/SeaMonkey の SRC 属性の処理におけるクロスサイトスクリプティングの脆弱性 Mozilla Firefox および SeaMonkey には、IMG/IFRAME 要素における SRC 属性の処理に不備が存在するため、javascript 形式の URL を設定し、コンテキストメニューから「画像を表示」あるいは 「このフレームだけを表示」を選択した場合にクロスサイトスクリプティング攻撃が可能となる問題が存在します。 CVE-2006-2785 18887 CVE-2006-2785 61470 4.3 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000325.html 2006-06-01 2007-04-01 View