CVE-2006-1732

Upstream information

CVE-2006-1732 at MITRE

Description

Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to bypass same-origin protections and conduct cross-site scripting (XSS) attacks via unspecified vectors involving the window.controllers array.

---

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores

	National Vulnerability Database
Base Score	4.3
Vector	AV:N/AC:M/Au:N/C:N/I:P/A:N
Access Vector	Network
Access Complexity	Medium
Authentication	None
Confidentiality Impact	None
Integrity Impact	Partial
Availability Impact	None

SUSE Bugzilla entry: 149024 [RESOLVED / FIXED]

SUSE Security Advisories:

• SUSE-SA:2006:021, published Thu, 20 Apr 2006 09:00:00 +0000
• SUSE-SA:2006:022, published Tue, 25 Apr 2006 15:00:00 +0000

List of released packages

Product(s)	Fixed package version(s)	References
SUSE LINUX Retail Solution 8 SuSE Linux Enterprise Server 8 for AMD64 SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries SuSE Linux Enterprise Server 8 for IBM zSeries SuSE Linux Enterprise Server 8 for IPF SuSE Linux Openexchange Server 4 SuSE Linux School Server for i386 SuSE Linux Standard Server 8 UnitedLinux 1.0	mozilla >= 1.7.8-32 mozilla-calendar >= 1.7.8-32 mozilla-devel >= 1.7.8-32 mozilla-dom-inspector >= 1.7.8-32 mozilla-irc >= 1.7.8-32 mozilla-mail >= 1.7.8-32 mozilla-spellchecker >= 1.7.8-32 mozilla-venkman >= 1.7.8-32 mozilla-xmlterm >= 1.7.8-32	ul1.ppc ul1.x86-64 ul1.s390 slss8.x86 ul1.ia64 YOU Patch Nr: 10951
Novell Linux Desktop 9 for x86 Novell Linux Desktop 9 for x86_64	MozillaFirefox >= 1.0.8-0.2 MozillaFirefox-translations >= 1.0.8-0.2	Builds YOU Patch Nr: 10950
SUSE LINUX 10.0	mozilla >= 1.7.11-9.5 mozilla-calendar >= 1.7.11-9.5 mozilla-devel >= 1.7.11-9.5 mozilla-dom-inspector >= 1.7.11-9.5 mozilla-irc >= 1.7.11-9.5 mozilla-mail >= 1.7.11-9.5 mozilla-spellchecker >= 1.7.11-9.5 mozilla-venkman >= 1.7.11-9.5
SUSE LINUX 9.3	mozilla >= 1.7.5-17.10 mozilla-32bit >= 9.3-7.4 mozilla-calendar >= 1.7.5-17.10 mozilla-devel >= 1.7.5-17.10 mozilla-dom-inspector >= 1.7.5-17.10 mozilla-irc >= 1.7.5-17.10 mozilla-mail >= 1.7.5-17.10 mozilla-spellchecker >= 1.7.5-17.10 mozilla-venkman >= 1.7.5-17.10
SUSE LINUX 10.0 SUSE LINUX 9.1 for IA32 SUSE LINUX 9.1 for x86-64 SUSE LINUX 9.2 SUSE LINUX 9.3	MozillaFirefox >= 1.0.8-0.2 MozillaFirefox-translations >= 1.0.8-0.2
Novell Linux Desktop 9 for x86	mozilla >= 1.7.8-5.20 mozilla-cs >= 1.7.5-4.6 mozilla-deat >= 1.7.6-0.6 mozilla-devel >= 1.7.8-5.20 mozilla-dom-inspector >= 1.7.8-5.20 mozilla-hu >= 1.78-0.7 mozilla-irc >= 1.7.8-5.20 mozilla-ja >= 1.7.7-0.7 mozilla-ko >= 1.75-0.7 mozilla-mail >= 1.7.8-5.20 mozilla-venkman >= 1.7.8-5.20	core9.s390 core9.x86-64 core9.ia64 core9.x86 core9.ppc YOU Patch Nr: 10953
Novell Linux Desktop 9 for x86_64	mozilla >= 1.7.8-5.20 mozilla-cs >= 1.7.5-4.6 mozilla-deat >= 1.7.6-0.6 mozilla-devel >= 1.7.8-5.20 mozilla-dom-inspector >= 1.7.8-5.20 mozilla-hu >= 1.78-0.7 mozilla-irc >= 1.7.8-5.20 mozilla-ja >= 1.7.7-0.7 mozilla-ko >= 1.75-0.7 mozilla-lib64 >= 1.6-0.5 mozilla-mail >= 1.7.8-5.20 mozilla-venkman >= 1.7.8-5.20	core9.s390 core9.x86-64 core9.ia64 core9.x86 core9.ppc YOU Patch Nr: 10953
Open Enterprise Server	mozilla >= 1.7.8-5.20 mozilla-calendar >= 1.7.8-5.20 mozilla-cs >= 1.7.5-4.6 mozilla-deat >= 1.7.6-0.6 mozilla-devel >= 1.7.8-5.20 mozilla-dom-inspector >= 1.7.8-5.20 mozilla-hu >= 1.78-0.7 mozilla-irc >= 1.7.8-5.20 mozilla-ja >= 1.7.7-0.7 mozilla-ko >= 1.75-0.7 mozilla-mail >= 1.7.8-5.20 mozilla-venkman >= 1.7.8-5.20	core9.s390 core9.x86-64 core9.ia64 core9.x86 core9.ppc YOU Patch Nr: 10953
SUSE LINUX 10.0 SUSE LINUX 9.2 SUSE LINUX 9.3	MozillaThunderbird >= 1.0.8-0.2
SUSE LINUX 9.1 for IA32 SUSE LINUX 9.1 for x86-64	MozillaThunderbird >= 1.0.8-0.1
SuSE Linux Desktop 1.0	mozilla >= 1.7.8-32 mozilla-deat >= 1.7.6-6 mozilla-irc >= 1.7.8-32 mozilla-mail >= 1.7.8-32	Builds