CVE-2006-1740
EPSS 2.2%
Description
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site.
How to fix CVE-2006-1740
To remediate CVE-2006-1740, upgrade the affected package to a fixed version below.
- Debian/thunderbird—upgrade to 1.5.0.2-1 or later
Is CVE-2006-1740 being exploited?
Low — EPSS is 2.2%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.5.0.2-1