CVE-2006-1741

Impact:
Moderate
Public Date:
2006-04-14
Bugzilla:
1618061: CVE-2006-1741 security flaw

The MITRE CVE dictionary describes this issue as:

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by (1) "using a modal alert to suspend an event handler while a new page is being loaded", (2) using eval(), and using certain variants involving (3) "new Script;" and (4) using window.__proto__ to extend eval, aka "cross-site JavaScript injection".

Find out more about CVE-2006-1741 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 RHSA-2006:0329 2006-04-18
Red Hat Enterprise Linux 3 (mozilla) RHSA-2006:0329 2006-04-18
Red Hat Enterprise Linux 2.1 RHSA-2006:0329 2006-04-18
Red Hat Enterprise Linux 4 (thunderbird) RHSA-2006:0330 2006-04-21
Red Hat Enterprise Linux 4 (firefox) RHSA-2006:0328 2006-04-14

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact Red Hat Product Security.

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.