Unrated severityNVD Advisory· Published Sep 15, 2006· Updated Apr 16, 2026

CVE-2006-4568

Description

Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows remote attackers to bypass the security model and inject content into the sub-frame of another site via targetWindow.frames[n].document.open(), which facilitates spoofing and other attacks.

Affected products

Mozilla Corporation/Firefox
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Range: <=1.5.0.6
Mozilla Corporation/Seamonkey
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
Range: <=1.0.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/21906nvdPatchVendor Advisory
secunia.com/advisories/21949nvdPatchVendor Advisory
www.redhat.com/support/errata/RHSA-2006-0676.htmlnvdPatchVendor Advisory
www.mozilla.org/security/announce/2006/mfsa2006-61.htmlnvdVendor Advisory
patches.sgi.com/support/free/security/advisories/20060901-01-P.ascnvd
secunia.com/advisories/21915nvd
secunia.com/advisories/21940nvd
secunia.com/advisories/21950nvd
secunia.com/advisories/22001nvd
secunia.com/advisories/22025nvd
secunia.com/advisories/22036nvd
secunia.com/advisories/22056nvd
secunia.com/advisories/22066nvd
secunia.com/advisories/22195nvd
secunia.com/advisories/22210nvd
secunia.com/advisories/22247nvd
secunia.com/advisories/22299nvd
secunia.com/advisories/22342nvd
secunia.com/advisories/22391nvd
secunia.com/advisories/22422nvd
secunia.com/advisories/22849nvd
secunia.com/advisories/24711nvd
security.gentoo.org/glsa/glsa-200609-19.xmlnvd
security.gentoo.org/glsa/glsa-200610-04.xmlnvd
securitytracker.com/idnvd
securitytracker.com/idnvd
support.avaya.com/elmodocs2/security/ASA-2006-224.htmnvd
www.debian.org/security/2006/dsa-1192nvd
www.debian.org/security/2006/dsa-1210nvd
www.mandriva.com/security/advisoriesnvd
www.novell.com/linux/security/advisories/2006_54_mozilla.htmlnvd
www.redhat.com/support/errata/RHSA-2006-0675.htmlnvd
www.securityfocus.com/archive/1/446140/100/0/threadednvd
www.securityfocus.com/bid/20042nvd
www.ubuntu.com/usn/usn-351-1nvd
www.ubuntu.com/usn/usn-354-1nvd
www.ubuntu.com/usn/usn-361-1nvd
www.us.debian.org/security/2006/dsa-1191nvd
www.vupen.com/english/advisories/2006/3617nvd
www.vupen.com/english/advisories/2006/3748nvd
www.vupen.com/english/advisories/2007/1198nvd
www.vupen.com/english/advisories/2008/0083nvd
www1.itrc.hp.com/service/cki/docDisplay.donvd
bugzilla.mozilla.org/show_bug.cginvd
exchange.xforce.ibmcloud.com/vulnerabilities/28961nvd
issues.rpath.com/browse/RPL-640nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9843nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000