VYPR
← All advisories
Unrated severityNVD Advisory· Published Apr 14, 2006· Updated Jun 16, 2026

CVE-2006-1740

CVE-2006-1740

Description

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

33
  • Mozilla Corporation/Firefox12 versions
    cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 11 more
    • cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <=1.0.7
    • cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
    • (no CPE)range: <1.5
  • Mozilla Corporation/Suite7 versions
    cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*range: <=1.7.12
    • cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*
    • (no CPE)range: <1.7.13
  • Mozilla Corporation/Seamonkey2 versions
    cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*
    • cpe:2.3:a:mozilla:seamonkey:*:beta:*:*:*:*:*:*range: <=1.0
  • Mozilla Corporation/Thunderbird11 versions
    cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*range: <=1.0.7
    • cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*
  • Seamonkey/Seamonkeyllm-fuzzy
    Range: <1.0

Patches

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

45

News mentions

0

No linked articles in our index yet.