cvelistv5 - cve-2006-1725

CVE-2006-1725 (GCVE-0-2006-1725)

Vulnerability from cvelistv5 – Published: 2006-04-14 10:00 – Updated: 2024-08-07 17:19

Summary

Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes certain windows to become translucent due to an interaction between XUL content windows and the history mechanism, which might allow user-assisted remote attackers to trick users into executing arbitrary code.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	https://bugzilla.mozilla.org/show_bug.cgi?id=327014	x_refsource_MISC
	http://www.vupen.com/english/advisories/2006/3748	vdb-entryx_refsource_VUPEN
	http://www.vupen.com/english/advisories/2008/0083	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/446658/100…	vendor-advisoryx_refsource_HP
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.vupen.com/english/advisories/2006/1356	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/446658/100…	vendor-advisoryx_refsource_HP
	http://secunia.com/advisories/19649	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.mozilla.org/security/announce/2006/mfs…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/17516	vdb-entryx_refsource_BID
	http://secunia.com/advisories/22066	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/19631	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:19:49.522Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=327014"
          },
          {
            "name": "ADV-2006-3748",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3748"
          },
          {
            "name": "ADV-2008-0083",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0083"
          },
          {
            "name": "SSRT061181",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
          },
          {
            "name": "mozilla-xul-window-spoofing(25827)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25827"
          },
          {
            "name": "ADV-2006-1356",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1356"
          },
          {
            "name": "HPSBUX02153",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
          },
          {
            "name": "19649",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19649"
          },
          {
            "name": "oval:org.mitre.oval:def:1471",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1471"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-29.html"
          },
          {
            "name": "17516",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17516"
          },
          {
            "name": "22066",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22066"
          },
          {
            "name": "19631",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19631"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-04-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes certain windows to become translucent due to an interaction between XUL content windows and the history mechanism, which might allow user-assisted remote attackers to trick users into executing arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=327014"
        },
        {
          "name": "ADV-2006-3748",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3748"
        },
        {
          "name": "ADV-2008-0083",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0083"
        },
        {
          "name": "SSRT061181",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
        },
        {
          "name": "mozilla-xul-window-spoofing(25827)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25827"
        },
        {
          "name": "ADV-2006-1356",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1356"
        },
        {
          "name": "HPSBUX02153",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
        },
        {
          "name": "19649",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19649"
        },
        {
          "name": "oval:org.mitre.oval:def:1471",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1471"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-29.html"
        },
        {
          "name": "17516",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17516"
        },
        {
          "name": "22066",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22066"
        },
        {
          "name": "19631",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19631"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2006-1725",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes certain windows to become translucent due to an interaction between XUL content windows and the history mechanism, which might allow user-assisted remote attackers to trick users into executing arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=327014",
              "refsource": "MISC",
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=327014"
            },
            {
              "name": "ADV-2006-3748",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/3748"
            },
            {
              "name": "ADV-2008-0083",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0083"
            },
            {
              "name": "SSRT061181",
              "refsource": "HP",
              "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
            },
            {
              "name": "mozilla-xul-window-spoofing(25827)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25827"
            },
            {
              "name": "ADV-2006-1356",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1356"
            },
            {
              "name": "HPSBUX02153",
              "refsource": "HP",
              "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
            },
            {
              "name": "19649",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19649"
            },
            {
              "name": "oval:org.mitre.oval:def:1471",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1471"
            },
            {
              "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-29.html",
              "refsource": "CONFIRM",
              "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-29.html"
            },
            {
              "name": "17516",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/17516"
            },
            {
              "name": "22066",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22066"
            },
            {
              "name": "19631",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19631"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2006-1725",
    "datePublished": "2006-04-14T10:00:00",
    "dateReserved": "2006-04-12T00:00:00",
    "dateUpdated": "2024-08-07T17:19:49.522Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.5\", \"versionEndExcluding\": \"1.5.0.2\", \"matchCriteriaId\": \"04455349-5186-4BF4-8EE1-F4852B806F47\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.1\", \"matchCriteriaId\": \"976B9AFA-0129-480B-B226-892CECD59287\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes certain windows to become translucent due to an interaction between XUL content windows and the history mechanism, which might allow user-assisted remote attackers to trick users into executing arbitrary code.\"}]",
      "evaluatorSolution": "Fixed in: \r\n  Firefox 1.5.0.2\r\n  SeaMonkey 1.0.1",
      "id": "CVE-2006-1725",
      "lastModified": "2024-11-21T00:09:35.630",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:H/Au:N/C:N/I:P/A:N\", \"baseScore\": 2.6, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 4.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2006-04-14T10:02:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/19631\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/19649\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/22066\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.mozilla.org/security/announce/2006/mfsa2006-29.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/446658/100/200/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/446658/100/200/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/17516\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/1356\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/3748\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0083\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=327014\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/25827\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1471\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/19631\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/19649\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/22066\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.mozilla.org/security/announce/2006/mfsa2006-29.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/446658/100/200/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/446658/100/200/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/17516\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/1356\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/3748\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0083\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=327014\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/25827\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1471\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-1725\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2006-04-14T10:02:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes certain windows to become translucent due to an interaction between XUL content windows and the history mechanism, which might allow user-assisted remote attackers to trick users into executing arbitrary code.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:N/I:P/A:N\",\"baseScore\":2.6,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":4.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.5\",\"versionEndExcluding\":\"1.5.0.2\",\"matchCriteriaId\":\"04455349-5186-4BF4-8EE1-F4852B806F47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.1\",\"matchCriteriaId\":\"976B9AFA-0129-480B-B226-892CECD59287\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/19631\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/19649\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22066\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mozilla.org/security/announce/2006/mfsa2006-29.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/446658/100/200/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/446658/100/200/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/17516\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/1356\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/3748\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0083\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=327014\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/25827\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1471\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/19631\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/19649\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22066\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mozilla.org/security/announce/2006/mfsa2006-29.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/446658/100/200/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/446658/100/200/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/17516\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/1356\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/3748\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0083\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=327014\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/25827\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1471\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}],\"evaluatorSolution\":\"Fixed in: \\r\\n  Firefox 1.5.0.2\\r\\n  SeaMonkey 1.0.1\"}}"
  }
}

GSD-2006-1725

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-1725

Aliases

CVE-2006-1725

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-1725",
    "description": "Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes certain windows to become translucent due to an interaction between XUL content windows and the history mechanism, which might allow user-assisted remote attackers to trick users into executing arbitrary code.",
    "id": "GSD-2006-1725"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-1725"
      ],
      "details": "Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes certain windows to become translucent due to an interaction between XUL content windows and the history mechanism, which might allow user-assisted remote attackers to trick users into executing arbitrary code.",
      "id": "GSD-2006-1725",
      "modified": "2023-12-13T01:19:54.947975Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2006-1725",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes certain windows to become translucent due to an interaction between XUL content windows and the history mechanism, which might allow user-assisted remote attackers to trick users into executing arbitrary code."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=327014",
            "refsource": "MISC",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=327014"
          },
          {
            "name": "ADV-2006-3748",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/3748"
          },
          {
            "name": "ADV-2008-0083",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0083"
          },
          {
            "name": "SSRT061181",
            "refsource": "HP",
            "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
          },
          {
            "name": "mozilla-xul-window-spoofing(25827)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25827"
          },
          {
            "name": "ADV-2006-1356",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/1356"
          },
          {
            "name": "HPSBUX02153",
            "refsource": "HP",
            "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
          },
          {
            "name": "19649",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/19649"
          },
          {
            "name": "oval:org.mitre.oval:def:1471",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1471"
          },
          {
            "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-29.html",
            "refsource": "CONFIRM",
            "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-29.html"
          },
          {
            "name": "17516",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/17516"
          },
          {
            "name": "22066",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/22066"
          },
          {
            "name": "19631",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/19631"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.5.0.2",
                "versionStartIncluding": "1.5",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.0.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2006-1725"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes certain windows to become translucent due to an interaction between XUL content windows and the history mechanism, which might allow user-assisted remote attackers to trick users into executing arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=327014",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Issue Tracking",
                "Vendor Advisory"
              ],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=327014"
            },
            {
              "name": "17516",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/17516"
            },
            {
              "name": "19631",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/19631"
            },
            {
              "name": "19649",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/19649"
            },
            {
              "name": "22066",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/22066"
            },
            {
              "name": "ADV-2006-1356",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required",
                "Third Party Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1356"
            },
            {
              "name": "ADV-2008-0083",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required",
                "Third Party Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0083"
            },
            {
              "name": "ADV-2006-3748",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required",
                "Third Party Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3748"
            },
            {
              "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-29.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-29.html"
            },
            {
              "name": "mozilla-xul-window-spoofing(25827)",
              "refsource": "XF",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25827"
            },
            {
              "name": "oval:org.mitre.oval:def:1471",
              "refsource": "OVAL",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1471"
            },
            {
              "name": "SSRT061181",
              "refsource": "HP",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 4.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2018-10-18T16:34Z",
      "publishedDate": "2006-04-14T10:02Z"
    }
  }
}

CERTA-2006-AVI-156

Vulnerability from certfr_avis - Published: - Updated:

None

Description

Plusieurs vulnérabilités sont présentes dans Mozilla Firefox. Elles permettent à un utilisateur distant mal intentionné :

d'exécuter du code arbitraire ;
de provoquer un déni de service ;
de contourner la politique de sécurité du système ;
de porter atteinte à la confidentialité des données ;
de réaliser des attaques de type Cross-Site Scripting.

Solution

La version 1.5.0.2 de Mozilla Firefox corrige le problème :

http://www.mozilla.com/firefox/

Mozilla Firefox versions 1.5.0.1 et antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Firefox du 13 avril 2006	None	vendor-advisory
Bulletin de sécurité RedHat RHSA-2006:0328 du 14 avril 2006 :	-	other
Bulletin de sécurité Ubuntu USN-271 du 19 avril 2006 :	-	other
Bulletin de sécurité Mandriva MDKSA-2006:075 du 24 avril 2006 :	-	other
Bulletin de sécurité FreeBSD du 16 avril 2006 :	-	other
Bulletin de sécurité Mozilla du 13 avril 2006 :	-	other
Bulletin de sécurité Gentoo GLSA 200604-12 du 23 avril 2006 :	-	other
Bulletin de sécurité RedHat RHSA-2006:0330 du 21 avril 2006 :	-	other
Bulletin de sécurité Mandriva MDKSA-2006:078 du 25 avril 2006 :	-	other
Bulletin de sécurité Mandriva MDKSA-2006:076 du 25 avril 2006 :	-	other
Bulletin de sécurité RedHat RHSA-2006:0329 du 18 avril 2006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eMozilla Firefox versions 1.5.0.1 et  ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans Mozilla Firefox. Elles\npermettent \u00e0 un utilisateur distant mal intentionn\u00e9 :\n\n-   d\u0027ex\u00e9cuter du code arbitraire ;\n-   de provoquer un d\u00e9ni de service ;\n-   de contourner la politique de s\u00e9curit\u00e9 du syst\u00e8me ;\n-   de porter atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es ;\n-   de r\u00e9aliser des attaques de type Cross-Site Scripting.\n\n## Solution\n\nLa version 1.5.0.2 de Mozilla Firefox corrige le probl\u00e8me :\n\n    http://www.mozilla.com/firefox/\n",
  "cves": [
    {
      "name": "CVE-2006-1739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1739"
    },
    {
      "name": "CVE-2006-1530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1530"
    },
    {
      "name": "CVE-2006-1729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1729"
    },
    {
      "name": "CVE-2006-1734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1734"
    },
    {
      "name": "CVE-2006-1730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1730"
    },
    {
      "name": "CVE-2006-1737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1737"
    },
    {
      "name": "CVE-2006-1728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1728"
    },
    {
      "name": "CVE-2006-1732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1732"
    },
    {
      "name": "CVE-2006-1531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1531"
    },
    {
      "name": "CVE-2006-1736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1736"
    },
    {
      "name": "CVE-2006-1740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1740"
    },
    {
      "name": "CVE-2006-1738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1738"
    },
    {
      "name": "CVE-2006-1742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1742"
    },
    {
      "name": "CVE-2006-1726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1726"
    },
    {
      "name": "CVE-2006-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1725"
    },
    {
      "name": "CVE-2006-1733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1733"
    },
    {
      "name": "CVE-2006-1727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1727"
    },
    {
      "name": "CVE-2006-1723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1723"
    },
    {
      "name": "CVE-2006-1735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1735"
    },
    {
      "name": "CVE-2006-0749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0749"
    },
    {
      "name": "CVE-2006-1529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1529"
    },
    {
      "name": "CVE-2006-1741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1741"
    },
    {
      "name": "CVE-2006-1731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1731"
    },
    {
      "name": "CVE-2006-1724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1724"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2006:0328 du 14 avril 2006    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0328.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-271 du 19 avril 2006 :",
      "url": "http://www.ubuntu.com/usn/usn-271-1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:075 du 24 avril    2006 :",
      "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 FreeBSD du 16 avril 2006 :",
      "url": "http://www.vuxml.org/freebsd/pkg-linux-mozilla.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla du 13 avril 2006 :",
      "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox1.5.0.2"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA 200604-12 du 23 avril 2006    :",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2006:0330 du 21 avril 2006    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0330.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:078 du 25 avril    2006 :",
      "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:078"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:076 du 25 avril    2006 :",
      "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2006:0329 du 18 avril 2006    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0329.html"
    }
  ],
  "reference": "CERTA-2006-AVI-156",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-04-18T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 RedHat, FreeBSD et Ubuntu.",
      "revision_date": "2006-04-20T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Gentoo.",
      "revision_date": "2006-04-24T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Mandriva et RadHat.",
      "revision_date": "2006-04-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Attaque de type cross-site scripting"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Firefox",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Firefox du 13 avril 2006",
      "url": null
    }
  ]
}

CERTA-2006-AVI-156

Vulnerability from certfr_avis - Published: - Updated:

None

Description

Plusieurs vulnérabilités sont présentes dans Mozilla Firefox. Elles permettent à un utilisateur distant mal intentionné :

d'exécuter du code arbitraire ;
de provoquer un déni de service ;
de contourner la politique de sécurité du système ;
de porter atteinte à la confidentialité des données ;
de réaliser des attaques de type Cross-Site Scripting.

Solution

La version 1.5.0.2 de Mozilla Firefox corrige le problème :

http://www.mozilla.com/firefox/

Mozilla Firefox versions 1.5.0.1 et antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Firefox du 13 avril 2006	None	vendor-advisory
Bulletin de sécurité RedHat RHSA-2006:0328 du 14 avril 2006 :	-	other
Bulletin de sécurité Ubuntu USN-271 du 19 avril 2006 :	-	other
Bulletin de sécurité Mandriva MDKSA-2006:075 du 24 avril 2006 :	-	other
Bulletin de sécurité FreeBSD du 16 avril 2006 :	-	other
Bulletin de sécurité Mozilla du 13 avril 2006 :	-	other
Bulletin de sécurité Gentoo GLSA 200604-12 du 23 avril 2006 :	-	other
Bulletin de sécurité RedHat RHSA-2006:0330 du 21 avril 2006 :	-	other
Bulletin de sécurité Mandriva MDKSA-2006:078 du 25 avril 2006 :	-	other
Bulletin de sécurité Mandriva MDKSA-2006:076 du 25 avril 2006 :	-	other
Bulletin de sécurité RedHat RHSA-2006:0329 du 18 avril 2006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eMozilla Firefox versions 1.5.0.1 et  ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans Mozilla Firefox. Elles\npermettent \u00e0 un utilisateur distant mal intentionn\u00e9 :\n\n-   d\u0027ex\u00e9cuter du code arbitraire ;\n-   de provoquer un d\u00e9ni de service ;\n-   de contourner la politique de s\u00e9curit\u00e9 du syst\u00e8me ;\n-   de porter atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es ;\n-   de r\u00e9aliser des attaques de type Cross-Site Scripting.\n\n## Solution\n\nLa version 1.5.0.2 de Mozilla Firefox corrige le probl\u00e8me :\n\n    http://www.mozilla.com/firefox/\n",
  "cves": [
    {
      "name": "CVE-2006-1739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1739"
    },
    {
      "name": "CVE-2006-1530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1530"
    },
    {
      "name": "CVE-2006-1729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1729"
    },
    {
      "name": "CVE-2006-1734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1734"
    },
    {
      "name": "CVE-2006-1730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1730"
    },
    {
      "name": "CVE-2006-1737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1737"
    },
    {
      "name": "CVE-2006-1728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1728"
    },
    {
      "name": "CVE-2006-1732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1732"
    },
    {
      "name": "CVE-2006-1531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1531"
    },
    {
      "name": "CVE-2006-1736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1736"
    },
    {
      "name": "CVE-2006-1740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1740"
    },
    {
      "name": "CVE-2006-1738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1738"
    },
    {
      "name": "CVE-2006-1742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1742"
    },
    {
      "name": "CVE-2006-1726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1726"
    },
    {
      "name": "CVE-2006-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1725"
    },
    {
      "name": "CVE-2006-1733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1733"
    },
    {
      "name": "CVE-2006-1727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1727"
    },
    {
      "name": "CVE-2006-1723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1723"
    },
    {
      "name": "CVE-2006-1735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1735"
    },
    {
      "name": "CVE-2006-0749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0749"
    },
    {
      "name": "CVE-2006-1529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1529"
    },
    {
      "name": "CVE-2006-1741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1741"
    },
    {
      "name": "CVE-2006-1731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1731"
    },
    {
      "name": "CVE-2006-1724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1724"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2006:0328 du 14 avril 2006    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0328.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-271 du 19 avril 2006 :",
      "url": "http://www.ubuntu.com/usn/usn-271-1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:075 du 24 avril    2006 :",
      "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:075"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 FreeBSD du 16 avril 2006 :",
      "url": "http://www.vuxml.org/freebsd/pkg-linux-mozilla.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla du 13 avril 2006 :",
      "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox1.5.0.2"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA 200604-12 du 23 avril 2006    :",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2006:0330 du 21 avril 2006    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0330.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:078 du 25 avril    2006 :",
      "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:078"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:076 du 25 avril    2006 :",
      "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:076"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2006:0329 du 18 avril 2006    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0329.html"
    }
  ],
  "reference": "CERTA-2006-AVI-156",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-04-18T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 RedHat, FreeBSD et Ubuntu.",
      "revision_date": "2006-04-20T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Gentoo.",
      "revision_date": "2006-04-24T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Mandriva et RadHat.",
      "revision_date": "2006-04-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Attaque de type cross-site scripting"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Firefox",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Firefox du 13 avril 2006",
      "url": null
    }
  ]
}

FKIE_CVE-2006-1725

Vulnerability from fkie_nvd - Published: 2006-04-14 10:02 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://secunia.com/advisories/19631	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/19649	Third Party Advisory, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/22066	Third Party Advisory
secalert@redhat.com	http://www.mozilla.org/security/announce/2006/mfsa2006-29.html	Vendor Advisory
secalert@redhat.com	http://www.securityfocus.com/archive/1/446658/100/200/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/17516	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/1356	Permissions Required, Third Party Advisory
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/3748	Permissions Required, Third Party Advisory
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/0083	Permissions Required, Third Party Advisory
secalert@redhat.com	https://bugzilla.mozilla.org/show_bug.cgi?id=327014	Exploit, Issue Tracking, Vendor Advisory
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/25827	Third Party Advisory, VDB Entry
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1471	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19631	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19649	Third Party Advisory, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22066	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mozilla.org/security/announce/2006/mfsa2006-29.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/446658/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/17516	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/1356	Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/3748	Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0083	Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=327014	Exploit, Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/25827	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1471	Third Party Advisory

Impacted products

	Vendor	Product	Version
	mozilla	firefox	*
	mozilla	seamonkey	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04455349-5186-4BF4-8EE1-F4852B806F47",
              "versionEndExcluding": "1.5.0.2",
              "versionStartIncluding": "1.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "976B9AFA-0129-480B-B226-892CECD59287",
              "versionEndExcluding": "1.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes certain windows to become translucent due to an interaction between XUL content windows and the history mechanism, which might allow user-assisted remote attackers to trick users into executing arbitrary code."
    }
  ],
  "evaluatorSolution": "Fixed in: \r\n  Firefox 1.5.0.2\r\n  SeaMonkey 1.0.1",
  "id": "CVE-2006-1725",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2006-04-14T10:02:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19649"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/22066"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-29.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3748"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0083"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=327014"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25827"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19649"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/22066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-29.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3748"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=327014"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25827"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1471"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-RR6J-4Q7X-GG9M

Vulnerability from github – Published: 2022-05-01 06:52 – Updated: 2022-05-01 06:52

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-1725"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-04-14T10:02:00Z",
    "severity": "LOW"
  },
  "details": "Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes certain windows to become translucent due to an interaction between XUL content windows and the history mechanism, which might allow user-assisted remote attackers to trick users into executing arbitrary code.",
  "id": "GHSA-rr6j-4q7x-gg9m",
  "modified": "2022-05-01T06:52:20Z",
  "published": "2022-05-01T06:52:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1725"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=327014"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25827"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1471"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19631"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19649"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22066"
    },
    {
      "type": "WEB",
      "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-29.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/17516"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/1356"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/3748"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0083"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-1725 (GCVE-0-2006-1725)

GSD-2006-1725

CERTA-2006-AVI-156

Description

Solution

CERTA-2006-AVI-156

Description

Solution

FKIE_CVE-2006-1725

GHSA-RR6J-4Q7X-GG9M

Tags

Sightings

Nomenclature