CVE-2006-1725
First published: Fri Apr 14 2006(Updated: )
Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes certain windows to become translucent due to an interaction between XUL content windows and the history mechanism, which might allow user-assisted remote attackers to trick users into executing arbitrary code.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Firefox | >=1.5<1.5.0.2 | |
| Mozilla SeaMonkey | <1.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.mozilla.org/show_bug.cgi?id=327014
- http://www.securityfocus.com/bid/17516
- http://secunia.com/advisories/19631
- http://secunia.com/advisories/19649
- http://secunia.com/advisories/22066
- http://www.vupen.com/english/advisories/2006/1356
- http://www.vupen.com/english/advisories/2008/0083
- http://www.vupen.com/english/advisories/2006/3748
- http://www.mozilla.org/security/announce/2006/mfsa2006-29.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25827
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1471
- http://www.securityfocus.com/archive/1/446658/100/200/threaded
Frequently Asked Questions
What is the severity of CVE-2006-1725?
CVE-2006-1725 has a medium severity rating due to its potential for user-assisted exploitation.
How do I fix CVE-2006-1725?
To fix CVE-2006-1725, update Mozilla Firefox to version 1.5.0.2 or later and SeaMonkey to version 1.0.1 or later.
What type of vulnerability is CVE-2006-1725?
CVE-2006-1725 is a code execution vulnerability that occurs due to a flaw in the interaction between XUL content windows and the history mechanism.
Which versions of Firefox are affected by CVE-2006-1725?
Mozilla Firefox versions from 1.5 to 1.5.0.1 are affected by CVE-2006-1725.
Which versions of SeaMonkey are affected by CVE-2006-1725?
CVE-2006-1725 affects SeaMonkey versions up to and including 1.0.0.
- agent/references
- agent/type
- agent/weakness
- agent/author
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- agent/softwarecombine
- vendor/mozilla
- canonical/firefox
- version/firefox/1.5
- canonical/mozilla seamonkey