Detections
Analytics

CVE-2006-6507

medium

Description

Mozilla Firefox 2.0 before 2.0.0.1 allows remote attackers to bypass Cross-Site Scripting (XSS) protection via vectors related to a Function.prototype regression error.

References

http://www.vupen.com/english/advisories/2008/0083

http://www.vupen.com/english/advisories/2006/5068

http://www.us-cert.gov/cas/techalerts/TA06-354A.html

http://www.ubuntu.com/usn/usn-398-1

http://www.securityfocus.com/bid/21668

http://www.novell.com/linux/security/advisories/2007_06_mozilla.html

http://www.novell.com/linux/security/advisories/2006_80_mozilla.html

http://www.mozilla.org/security/announce/2006/mfsa2006-76.html

http://securitytracker.com/id?1017422

http://security.gentoo.org/glsa/glsa-200701-02.xml

http://secunia.com/advisories/23672

http://secunia.com/advisories/23614

http://secunia.com/advisories/23589

http://secunia.com/advisories/23545

http://secunia.com/advisories/23282

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

Details

Source: Mitre, NVD

Published: 2006-12-20

Updated: 2025-04-09

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.03095