Unrated severityNVD Advisory· Published Dec 20, 2006· Updated Jun 16, 2026
CVE-2006-6503
CVE-2006-6503
Description
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript: URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: >=1.5,<1.5.0.9
- (no CPE)range: <2.0.0.1, <1.5.0.9
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*range: <1.0.7
- (no CPE)range: <1.0.7
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*range: <1.5.0.9
- (no CPE)range: <1.5.0.9
cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
53- rhn.redhat.com/errata/RHSA-2006-0758.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2006-0759.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2006-0760.htmlnvdThird Party Advisory
- secunia.com/advisories/23282nvdThird Party Advisory
- secunia.com/advisories/23420nvdThird Party Advisory
- secunia.com/advisories/23422nvdThird Party Advisory
- secunia.com/advisories/23433nvdThird Party Advisory
- secunia.com/advisories/23439nvdThird Party Advisory
- secunia.com/advisories/23440nvdThird Party Advisory
- secunia.com/advisories/23468nvdThird Party Advisory
- secunia.com/advisories/23514nvdThird Party Advisory
- secunia.com/advisories/23545nvdThird Party Advisory
- secunia.com/advisories/23589nvdThird Party Advisory
- secunia.com/advisories/23591nvdThird Party Advisory
- secunia.com/advisories/23598nvdThird Party Advisory
- secunia.com/advisories/23601nvdThird Party Advisory
- secunia.com/advisories/23614nvdThird Party Advisory
- secunia.com/advisories/23618nvdThird Party Advisory
- secunia.com/advisories/23672nvdThird Party Advisory
- secunia.com/advisories/23692nvdThird Party Advisory
- secunia.com/advisories/23988nvdThird Party Advisory
- secunia.com/advisories/24078nvdThird Party Advisory
- secunia.com/advisories/24390nvdThird Party Advisory
- security.gentoo.org/glsa/glsa-200701-02.xmlnvdThird Party Advisory
- securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- www.debian.org/security/2007/dsa-1253nvdThird Party Advisory
- www.debian.org/security/2007/dsa-1258nvdThird Party Advisory
- www.debian.org/security/2007/dsa-1265nvdThird Party Advisory
- www.gentoo.org/security/en/glsa/glsa-200701-03.xmlnvdThird Party Advisory
- www.gentoo.org/security/en/glsa/glsa-200701-04.xmlnvdThird Party Advisory
- www.kb.cert.org/vuls/id/405092nvdThird Party AdvisoryUS Government Resource
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.mozilla.org/security/announce/2006/mfsa2006-72.htmlnvdVendor Advisory
- www.securityfocus.com/bid/21668nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/usn-398-1nvdThird Party Advisory
- www.ubuntu.com/usn/usn-398-2nvdThird Party Advisory
- www.ubuntu.com/usn/usn-400-1nvdThird Party Advisory
- www.us-cert.gov/cas/techalerts/TA06-354A.htmlnvdThird Party AdvisoryUS Government Resource
- www.vupen.com/english/advisories/2006/5068nvdThird Party Advisory
- www.vupen.com/english/advisories/2008/0083nvdThird Party Advisory
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10895nvdThird Party Advisory
- patches.sgi.com/support/free/security/advisories/20061202-01-P.ascnvdBroken Link
- fedoranews.org/cms/node/2297nvdBroken Link
- fedoranews.org/cms/node/2338nvdBroken Link
- h20000.www2.hp.com/bizsupport/TechSupport/Document.jspnvdBroken Link
- www.novell.com/linux/security/advisories/2006_80_mozilla.htmlnvdBroken Link
- www.novell.com/linux/security/advisories/2007_06_mozilla.htmlnvdBroken Link
- issues.rpath.com/browse/RPL-883nvdBroken Link
- www.securityfocus.com/archive/1/455145/100/0/threadednvd
- www.securityfocus.com/archive/1/455728/100/200/threadednvd
News mentions
0No linked articles in our index yet.