Vulnerability Description
The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked popups" display in the context of the Location bar instead of the subframe from which the popup originated, which might make it easier for remote user-assisted attackers to conduct cross-site scripting (XSS) attacks.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mozilla | Firefox | <= 1.5.0.6 |
References
- http://secunia.com/advisories/21949PatchVendor Advisory
- http://secunia.com/advisories/21950
- http://secunia.com/advisories/22001
- http://secunia.com/advisories/22025
- http://secunia.com/advisories/22056
- http://secunia.com/advisories/22066
- http://secunia.com/advisories/22195
- http://secunia.com/advisories/22210
- http://secunia.com/advisories/22422
- http://secunia.com/advisories/24711
- http://security.gentoo.org/glsa/glsa-200609-19.xml
- http://securitytracker.com/id?1016849
- http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:168
- http://www.mozilla.org/security/announce/2006/mfsa2006-62.htmlVendor Advisory
FAQ
What is CVE-2006-4569?
CVE-2006-4569 is a vulnerability with a CVSS score of 2.6 (LOW). The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked popups" display in the context of the Location bar instead of the subframe from which the popup originated, which might make it e...
How severe is CVE-2006-4569?
CVE-2006-4569 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-4569?
Check the references section above for vendor advisories and patch information. Affected products include: Mozilla Firefox.