FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-4569

This CVE name corresponds to:

Entered Topic
2006-09-15 mozilla -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2006-4569 at cve.mitre.org

Details

Type Candidate
Name CVE-2006-4569
Phase Assigned(20060906)

Description

The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked popups" display in the context of the Location bar instead of the subframe from which the popup originated, which might make it easier for remote user-assisted attackers to conduct cross-site scripting (XSS) attacks.

References

Source Reference
BUGTRAQ 20060915 rPSA-2006-0169-1 firefox thunderbird
CONFIRM http://www.mozilla.org/security/announce/2006/mfsa2006-62.html
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm
CONFIRM https://issues.rpath.com/browse/RPL-640
GENTOO GLSA-200609-19
HP HPSBUX02153
HP SSRT061181
MANDRIVA MDKSA-2006:168
REDHAT RHSA-2006:0675
SUSE SUSE-SA:2006:054
UBUNTU USN-351-1
UBUNTU USN-354-1
BID 20042
OVAL oval:org.mitre.oval:def:10650
VUPEN ADV-2007-1198
VUPEN ADV-2006-3748
VUPEN ADV-2008-0083
SECTRACK 1016849
SECUNIA 21949
SECUNIA 21950
SECUNIA 22001
SECUNIA 22025
SECUNIA 22210
SECUNIA 22422
SECUNIA 22056
SECUNIA 22195
SECUNIA 24711
SECUNIA 22066
XF firefox-popup-blocker-xss(28957)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.