Security Vulnerability in Mozilla Firefox and SeaMonkey Browser
CVE-2006-1740

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Mozilla Suite; Thunderbird; Seamonkey
Vendor: CVE Published:; 14 April 2006

Summary

This vulnerability allows remote attackers to deceive users by spoofing secure site indicators, such as the locked padlock icon, when they navigate to a malicious site. The attack is executed by opening a trusted site in a popup window and then redirecting it to an attacker-controlled site. This breach undermines the user’s ability to ascertain whether their connection is secure, potentially leading to phishing attacks and data theft. Users of affected versions should upgrade immediately to mitigate the risk of exploitation.

References

https://usn.ubuntu.com/275-1/

vendor-advisoryx_refsource_UBUNTU

http://secunia.com/advisories/19902

third-party-advisoryx_refsource_SECUNIA

ftp://patches.sgi.com/support/free/security/advisories/20...

vendor-advisoryx_refsource_SGI

Timeline

Vulnerability published
Apr 14, 2006
Vulnerability Reserved
Apr 12, 2006