CVE-2006-4568
Published: 15 September 2006
Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows remote attackers to bypass the security model and inject content into the sub-frame of another site via targetWindow.frames[n].document.open(), which facilitates spoofing and other attacks.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
firefox Launchpad, Ubuntu, Debian |
dapper |
Released
(1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1)
|
| edgy |
Not vulnerable
|
|
| feisty |
Not vulnerable
|
|
| upstream |
Needs triage
|
|
|
firefox-granparadiso Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| edgy |
Does not exist
|
|
| feisty |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
lightning-sunbird Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| edgy |
Does not exist
|
|
| feisty |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
midbrowser Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| edgy |
Does not exist
|
|
| feisty |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
xulrunner Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| edgy |
Ignored
(end of life, was needed)
|
|
| feisty |
Released
(1.8.0.10-3ubuntu1)
|
|
| upstream |
Needs triage
|