Unrated severityNVD Advisory· Published Apr 14, 2006· Updated Apr 16, 2026
CVE-2006-1741
CVE-2006-1741
Description
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by (1) "using a modal alert to suspend an event handler while a new page is being loaded", (2) using eval(), and using certain variants involving (3) "new Script;" and (4) using window.__proto__ to extend eval, aka "cross-site JavaScript injection".
Affected products
7cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: >=1.0,<1.0.8
- cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
51- www.mozilla.org/security/announce/2006/mfsa2006-09.htmlnvdExploit
- secunia.com/advisories/19631nvdThird Party Advisory
- secunia.com/advisories/19696nvdThird Party Advisory
- secunia.com/advisories/19714nvdThird Party Advisory
- secunia.com/advisories/19721nvdThird Party Advisory
- secunia.com/advisories/19729nvdThird Party Advisory
- secunia.com/advisories/19746nvdThird Party Advisory
- secunia.com/advisories/19759nvdThird Party Advisory
- secunia.com/advisories/19780nvdThird Party Advisory
- secunia.com/advisories/19811nvdThird Party Advisory
- secunia.com/advisories/19821nvdThird Party Advisory
- secunia.com/advisories/19823nvdThird Party Advisory
- secunia.com/advisories/19852nvdThird Party Advisory
- secunia.com/advisories/19862nvdThird Party Advisory
- secunia.com/advisories/19863nvdThird Party Advisory
- secunia.com/advisories/19902nvdThird Party Advisory
- secunia.com/advisories/19941nvdThird Party Advisory
- secunia.com/advisories/19950nvdThird Party Advisory
- secunia.com/advisories/20051nvdThird Party Advisory
- secunia.com/advisories/21033nvdThird Party Advisory
- secunia.com/advisories/21622nvdThird Party Advisory
- support.avaya.com/elmodocs2/security/ASA-2006-205.htmnvdThird Party Advisory
- www.debian.org/security/2006/dsa-1044nvdThird Party Advisory
- www.debian.org/security/2006/dsa-1046nvdThird Party Advisory
- www.debian.org/security/2006/dsa-1051nvdThird Party Advisory
- www.gentoo.org/security/en/glsa/glsa-200604-12.xmlnvdThird Party Advisory
- www.gentoo.org/security/en/glsa/glsa-200604-18.xmlnvdThird Party Advisory
- www.gentoo.org/security/en/glsa/glsa-200605-09.xmlnvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.htmlnvdThird Party Advisory
- www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2006-0328.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2006-0329.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2006-0330.htmlnvdThird Party Advisory
- www.vupen.com/english/advisories/2006/1356nvdPermissions RequiredThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/25806nvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1855nvdThird Party Advisory
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9167nvdThird Party Advisory
- usn.ubuntu.com/271-1/nvdThird Party Advisory
- usn.ubuntu.com/275-1/nvdThird Party Advisory
- usn.ubuntu.com/276-1/nvdThird Party Advisory
- ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txtnvdBroken Link
- patches.sgi.com/support/free/security/advisories/20060404-01-U.ascnvdBroken Link
- lists.suse.com/archive/suse-security-announce/2006-Apr/0003.htmlnvdBroken Link
- sunsolve.sun.com/search/document.donvdBroken Link
- sunsolve.sun.com/search/document.donvdBroken Link
- www.novell.com/linux/security/advisories/2006_04_25.htmlnvdBroken Link
- www.securityfocus.com/archive/1/436296/100/0/threadednvd
- www.securityfocus.com/archive/1/436338/100/0/threadednvd
- www.securityfocus.com/archive/1/438730/100/0/threadednvd
News mentions
0No linked articles in our index yet.