RedhatCVE-2006-6507

HistoryDec 20, 2006 - 1:28 a.m.

CVE-2006-6507

2006-12-2001:28:00

redhat

web.nvd.nist.gov

mozilla

firefox

xss

protection bypass

cve-2006-6507

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

High

EPSS

0.058

Percentile

93.5%

JSON

Mozilla Firefox 2.0 before 2.0.0.1 allows remote attackers to bypass Cross-Site Scripting (XSS) protection via vectors related to a Function.prototype regression error.

Affected configurations

Nvd

Node

mozillafirefoxMatch2.0

VendorProductVersionCPE
mozillafirefox2.0cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox	2.0	cpe:2.3:a:mozilla:firefox:2.0:::::::*

References

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

secunia.com/advisories/23282

secunia.com/advisories/23545

secunia.com/advisories/23589

secunia.com/advisories/23614

secunia.com/advisories/23672

security.gentoo.org/glsa/glsa-200701-02.xml

securitytracker.com/id?1017422

www.mozilla.org/security/announce/2006/mfsa2006-76.html

www.novell.com/linux/security/advisories/2006_80_mozilla.html

www.novell.com/linux/security/advisories/2007_06_mozilla.html

www.securityfocus.com/bid/21668

www.ubuntu.com/usn/usn-398-1

www.us-cert.gov/cas/techalerts/TA06-354A.html

www.vupen.com/english/advisories/2006/5068

www.vupen.com/english/advisories/2008/0083

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

High

EPSS

0.058

Percentile

93.5%

JSON

Related for CVE-2006-6507