Vulnerability Description
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mozilla | Firefox | <= 1.0.7 |
| Mozilla | Mozilla Suite | <= 1.7.12 |
| Mozilla | Seamonkey | <= 1.0 |
| Mozilla | Thunderbird | <= 1.0.7 |
References
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
- ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
- http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
- http://secunia.com/advisories/19631
- http://secunia.com/advisories/19696
- http://secunia.com/advisories/19714
- http://secunia.com/advisories/19721
- http://secunia.com/advisories/19729
- http://secunia.com/advisories/19746
- http://secunia.com/advisories/19759
- http://secunia.com/advisories/19794
- http://secunia.com/advisories/19811
- http://secunia.com/advisories/19852
- http://secunia.com/advisories/19862
- http://secunia.com/advisories/19863
FAQ
What is CVE-2006-1740?
CVE-2006-1740 is a vulnerability with a CVSS score of 2.6 (LOW). Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening ...
How severe is CVE-2006-1740?
CVE-2006-1740 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-1740?
Check the references section above for vendor advisories and patch information. Affected products include: Mozilla Firefox, Mozilla Mozilla Suite, Mozilla Seamonkey, Mozilla Thunderbird.