CVE-2006-3352
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Cross-domain vulnerability in Mozilla Firefox allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object. NOTE: this description was based on a report that has since been retracted by the original authors. The authors misinterpreted their test results. Other third parties also disputed the original report. Therefore, this is not a vulnerability. It is being assigned a candidate number to provide a clear indication of its status
** CUESTIONADA ** Vulnerabilidad de dominios cruzados en el navegador web Mozilla Firefox que permite a usuarios remotos acceder a información confidencial de otros dominios a través de una "object tag" (etiqueta de objeto) con un parámetro de datos ("parameter data") que hace referencia a un enlace al sitio web origen del ataque que especifica una cabecera con una localización HTTP que hace referencia al sitio objetivo, lo que hace el contenido accesible a través del atributo outerHTML del objeto. NOTA: esta descripción esta basada en un informe que ha sido revisado e impugnado por sus autores originales. Los autores malinterpretaron sus resulados. Terceras partes también han discutido sobre la corrección del informe original. Por lo tanto, esta descripción no es de una vulnerabilidad. Ha sido incluida y se le ha asignado un identificador de CVE para proporcionar información clara.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2006-07-05 CVE Reserved
- 2006-07-06 CVE Published
- 2024-01-15 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://isc.sans.org/diary.php?storyid=1448 | X_refsource_misc | |
| http://www.securityfocus.com/archive/1/438785/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/438788/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/438811/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/438863/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/438864/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/439146/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/18734 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 0.8 Search vendor "Mozilla" for product "Firefox" and version "0.8" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 0.9 Search vendor "Mozilla" for product "Firefox" and version "0.9" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 0.9 Search vendor "Mozilla" for product "Firefox" and version "0.9" | rc |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 0.9.1 Search vendor "Mozilla" for product "Firefox" and version "0.9.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 0.9.2 Search vendor "Mozilla" for product "Firefox" and version "0.9.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 0.9.3 Search vendor "Mozilla" for product "Firefox" and version "0.9.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 0.10 Search vendor "Mozilla" for product "Firefox" and version "0.10" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 0.10.1 Search vendor "Mozilla" for product "Firefox" and version "0.10.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.0 Search vendor "Mozilla" for product "Firefox" and version "1.0" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.0.1 Search vendor "Mozilla" for product "Firefox" and version "1.0.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.0.2 Search vendor "Mozilla" for product "Firefox" and version "1.0.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.0.3 Search vendor "Mozilla" for product "Firefox" and version "1.0.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.0.4 Search vendor "Mozilla" for product "Firefox" and version "1.0.4" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.0.5 Search vendor "Mozilla" for product "Firefox" and version "1.0.5" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.0.6 Search vendor "Mozilla" for product "Firefox" and version "1.0.6" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.0.6 Search vendor "Mozilla" for product "Firefox" and version "1.0.6" | linux |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.0.7 Search vendor "Mozilla" for product "Firefox" and version "1.0.7" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.0.8 Search vendor "Mozilla" for product "Firefox" and version "1.0.8" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5 Search vendor "Mozilla" for product "Firefox" and version "1.5" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5 Search vendor "Mozilla" for product "Firefox" and version "1.5" | beta1 |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5 Search vendor "Mozilla" for product "Firefox" and version "1.5" | beta2 |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.1 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.2 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.3 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.4 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.4" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.1 Search vendor "Mozilla" for product "Firefox" and version "1.5.1" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.2 Search vendor "Mozilla" for product "Firefox" and version "1.5.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.3 Search vendor "Mozilla" for product "Firefox" and version "1.5.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 2.0 Search vendor "Mozilla" for product "Firefox" and version "2.0" | rc3 |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | preview_release Search vendor "Mozilla" for product "Firefox" and version "preview_release" | - |
Affected
| ||||||