Cross-Site JavaScript Injection in Firefox and SeaMonkey by Mozilla
CVE-2006-1741

Currently unrated

Key Information:

Vendor

Mozilla
Status
Firefox
Mozilla Suite
Seamonkey
Vendor
CVE Published:
14 April 2006

What is CVE-2006-1741?

This vulnerability allows remote attackers to execute arbitrary JavaScript on other websites by manipulating event handlers during the page load process. By leveraging modal alerts, a new page load can suspend the handling of events, creating a window of opportunity for attackers to inject malicious scripts through various methods such as eval() and extensions of eval using window.proto. This exposes users to potential threats, fundamentally altering how web content is rendered and interacted with.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://usn.ubuntu.com/275-1/
vendor-advisoryx_refsource_UBUNTU
http://www.redhat.com/support/errata/RHSA-2006-0330.html
vendor-advisoryx_refsource_REDHAT
http://secunia.com/advisories/19902
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.