CVE-2006-6919 - Firefox Sage extension 1.3.8 and earlier allows remote attackers to execute arbitrary Javascript in

CVE-2006-6919

Summary

Firefox Sage extension 1.3.8 and earlier allows remote attackers to execute arbitrary Javascript in the local context via an RSS feed with an img tag containing the script followed by an extra trailing ">", which Sage modifies to close the img element before the malicious script.

References

Vulnerable Configurations

cpe:2.3:a:sage-mozdev:sage:-:*:*:*:*:*:*:*
cpe:2.3:a:sage-mozdev:sage:-:*:*:*:*:*:*:*
cpe:2.3:a:sage-mozdev:sage:1.3.8:*:*:*:*:*:*:*
cpe:2.3:a:sage-mozdev:sage:1.3.8:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 16-10-2018 - 16:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

bugtraq	20061118 Sage cross-context scripting -> LOCAL-CONTEXT SCRIPTING
misc	http://michaeldaw.org/md-hacks/rss-injection-in-sage-part-2/
secunia	22809
vupen	ADV-2006-4426
xf	sage-img-xss(30179)

Last major update

16-10-2018 - 16:29

Published

11-01-2007 - 23:28

Last modified

16-10-2018 - 16:29