Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-x41m-aspw-53gp
Summary
Paul Nickerson demonstrated that if an attacker could convince a user
to right-click on a broken image and choose "View Image" from the context
menu then he could get javascript to run on a site of the attacker's choosing
by making the image src attribute a javascript: URL and loading the target
site on mousedown. This could be used to steal login cookies or other
confidential information from the target site.Similarly, if a user could be convinced to right-click and choose
"Show only this frame" on a frame whose src attribute is a javascript: URL
then that script would run in the context of the framing site. In order
for this variant to be effective not only would you have to convince the
user to view the frame, you would have to find an interesting target
site that can be made to host a frame of the attacker's choosing.
Aliases
0
alias CVE-2006-2785
Fixed_packages
0
url pkg:deb/debian/firefox@1.5.dfsg%2B1.5.0.4-1?distro=sid
purl pkg:deb/debian/firefox@1.5.dfsg%2B1.5.0.4-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@1.5.dfsg%252B1.5.0.4-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@151.0.3-1?distro=sid
purl pkg:deb/debian/firefox@151.0.3-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@151.0.3-1%3Fdistro=sid
2
url pkg:ebuild/www-client/mozilla-firefox@1.5.0.4
purl pkg:ebuild/www-client/mozilla-firefox@1.5.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/mozilla-firefox@1.5.0.4
3
url pkg:ebuild/www-client/mozilla-firefox-bin@1.5.0.4
purl pkg:ebuild/www-client/mozilla-firefox-bin@1.5.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/mozilla-firefox-bin@1.5.0.4
4
url pkg:mozilla/SeaMonkey@1.0.2
purl pkg:mozilla/SeaMonkey@1.0.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.0.2
Affected_packages
0
url pkg:rpm/redhat/devhelp@0.10-0.2?arch=el4
purl pkg:rpm/redhat/devhelp@0.10-0.2?arch=el4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1z22-5u43-97e6
1
vulnerability VCID-1zwd-2vsk-5kc2
2
vulnerability VCID-2egp-8q15-1ye6
3
vulnerability VCID-3uay-6bec-z3gf
4
vulnerability VCID-4he8-m5u6-kkd8
5
vulnerability VCID-57pc-k4v4-wyfn
6
vulnerability VCID-5e6q-3jug-8bbh
7
vulnerability VCID-75qe-svtv-kfed
8
vulnerability VCID-7a6f-9rfy-fyfu
9
vulnerability VCID-apk5-ufe8-27e5
10
vulnerability VCID-bk2p-yexf-qbdx
11
vulnerability VCID-cj75-txj2-4fbx
12
vulnerability VCID-d2g6-8sfq-wygt
13
vulnerability VCID-f4hn-a1c3-9fea
14
vulnerability VCID-jh4v-r9d7-yug4
15
vulnerability VCID-jmr2-fjtx-xufk
16
vulnerability VCID-pjdf-yf3g-cydn
17
vulnerability VCID-puyd-54pf-mkd5
18
vulnerability VCID-qft4-xrfb-wyh8
19
vulnerability VCID-rdb6-pks2-9qe9
20
vulnerability VCID-rr2q-d8a3-3yc2
21
vulnerability VCID-t3kn-qbsv-rfht
22
vulnerability VCID-tfrg-nmxp-hbgm
23
vulnerability VCID-tmp3-vdh2-d7eu
24
vulnerability VCID-wf4j-e15v-zuau
25
vulnerability VCID-x41m-aspw-53gp
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/devhelp@0.10-0.2%3Farch=el4
1
url pkg:rpm/redhat/firefox@1.5.0.5-0.el4?arch=1
purl pkg:rpm/redhat/firefox@1.5.0.5-0.el4?arch=1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1z22-5u43-97e6
1
vulnerability VCID-1zwd-2vsk-5kc2
2
vulnerability VCID-2egp-8q15-1ye6
3
vulnerability VCID-3uay-6bec-z3gf
4
vulnerability VCID-4he8-m5u6-kkd8
5
vulnerability VCID-57pc-k4v4-wyfn
6
vulnerability VCID-5e6q-3jug-8bbh
7
vulnerability VCID-75qe-svtv-kfed
8
vulnerability VCID-7a6f-9rfy-fyfu
9
vulnerability VCID-apk5-ufe8-27e5
10
vulnerability VCID-bk2p-yexf-qbdx
11
vulnerability VCID-cj75-txj2-4fbx
12
vulnerability VCID-d2g6-8sfq-wygt
13
vulnerability VCID-f4hn-a1c3-9fea
14
vulnerability VCID-jh4v-r9d7-yug4
15
vulnerability VCID-jmr2-fjtx-xufk
16
vulnerability VCID-pjdf-yf3g-cydn
17
vulnerability VCID-puyd-54pf-mkd5
18
vulnerability VCID-qft4-xrfb-wyh8
19
vulnerability VCID-rr2q-d8a3-3yc2
20
vulnerability VCID-t3kn-qbsv-rfht
21
vulnerability VCID-tfrg-nmxp-hbgm
22
vulnerability VCID-tmp3-vdh2-d7eu
23
vulnerability VCID-x41m-aspw-53gp
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@1.5.0.5-0.el4%3Farch=1
2
url pkg:rpm/redhat/seamonkey@1.0.2-0.1.0?arch=EL3
purl pkg:rpm/redhat/seamonkey@1.0.2-0.1.0?arch=EL3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3uay-6bec-z3gf
1
vulnerability VCID-4he8-m5u6-kkd8
2
vulnerability VCID-5e6q-3jug-8bbh
3
vulnerability VCID-75qe-svtv-kfed
4
vulnerability VCID-d2g6-8sfq-wygt
5
vulnerability VCID-jmr2-fjtx-xufk
6
vulnerability VCID-puyd-54pf-mkd5
7
vulnerability VCID-rdb6-pks2-9qe9
8
vulnerability VCID-t3kn-qbsv-rfht
9
vulnerability VCID-tfrg-nmxp-hbgm
10
vulnerability VCID-tmp3-vdh2-d7eu
11
vulnerability VCID-x41m-aspw-53gp
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/seamonkey@1.0.2-0.1.0%3Farch=EL3
3
url pkg:rpm/redhat/seamonkey@1.0.3-0.el4?arch=1
purl pkg:rpm/redhat/seamonkey@1.0.3-0.el4?arch=1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1z22-5u43-97e6
1
vulnerability VCID-1zwd-2vsk-5kc2
2
vulnerability VCID-2egp-8q15-1ye6
3
vulnerability VCID-3uay-6bec-z3gf
4
vulnerability VCID-4he8-m5u6-kkd8
5
vulnerability VCID-57pc-k4v4-wyfn
6
vulnerability VCID-5e6q-3jug-8bbh
7
vulnerability VCID-75qe-svtv-kfed
8
vulnerability VCID-7a6f-9rfy-fyfu
9
vulnerability VCID-apk5-ufe8-27e5
10
vulnerability VCID-bk2p-yexf-qbdx
11
vulnerability VCID-cj75-txj2-4fbx
12
vulnerability VCID-d2g6-8sfq-wygt
13
vulnerability VCID-f4hn-a1c3-9fea
14
vulnerability VCID-jh4v-r9d7-yug4
15
vulnerability VCID-jmr2-fjtx-xufk
16
vulnerability VCID-pjdf-yf3g-cydn
17
vulnerability VCID-puyd-54pf-mkd5
18
vulnerability VCID-qft4-xrfb-wyh8
19
vulnerability VCID-rdb6-pks2-9qe9
20
vulnerability VCID-rr2q-d8a3-3yc2
21
vulnerability VCID-t3kn-qbsv-rfht
22
vulnerability VCID-tfrg-nmxp-hbgm
23
vulnerability VCID-tmp3-vdh2-d7eu
24
vulnerability VCID-wf4j-e15v-zuau
25
vulnerability VCID-x41m-aspw-53gp
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/seamonkey@1.0.3-0.el4%3Farch=1
4
url pkg:rpm/redhat/thunderbird@1.5.0.5-0.el4?arch=1
purl pkg:rpm/redhat/thunderbird@1.5.0.5-0.el4?arch=1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1z22-5u43-97e6
1
vulnerability VCID-1zwd-2vsk-5kc2
2
vulnerability VCID-2egp-8q15-1ye6
3
vulnerability VCID-3uay-6bec-z3gf
4
vulnerability VCID-4he8-m5u6-kkd8
5
vulnerability VCID-5e6q-3jug-8bbh
6
vulnerability VCID-75qe-svtv-kfed
7
vulnerability VCID-7a6f-9rfy-fyfu
8
vulnerability VCID-apk5-ufe8-27e5
9
vulnerability VCID-bk2p-yexf-qbdx
10
vulnerability VCID-cj75-txj2-4fbx
11
vulnerability VCID-d2g6-8sfq-wygt
12
vulnerability VCID-f4hn-a1c3-9fea
13
vulnerability VCID-jh4v-r9d7-yug4
14
vulnerability VCID-jmr2-fjtx-xufk
15
vulnerability VCID-pjdf-yf3g-cydn
16
vulnerability VCID-puyd-54pf-mkd5
17
vulnerability VCID-qft4-xrfb-wyh8
18
vulnerability VCID-rdb6-pks2-9qe9
19
vulnerability VCID-rr2q-d8a3-3yc2
20
vulnerability VCID-t3kn-qbsv-rfht
21
vulnerability VCID-tfrg-nmxp-hbgm
22
vulnerability VCID-tmp3-vdh2-d7eu
23
vulnerability VCID-wf4j-e15v-zuau
24
vulnerability VCID-x41m-aspw-53gp
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@1.5.0.5-0.el4%3Farch=1
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2785.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2785.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-2785
reference_id
reference_type
scores
0
value 0.02013
scoring_system epss
scoring_elements 0.84039
published_at 2026-06-04T12:55:00Z
1
value 0.02013
scoring_system epss
scoring_elements 0.84063
published_at 2026-06-05T12:55:00Z
2
value 0.02013
scoring_system epss
scoring_elements 0.84066
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-2785
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1618119
reference_id 1618119
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1618119
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2785
reference_id CVE-2006-2785
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2785
4
reference_url https://security.gentoo.org/glsa/200606-12
reference_id GLSA-200606-12
reference_type
scores
url https://security.gentoo.org/glsa/200606-12
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2006-34
reference_id mfsa2006-34
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2006-34
6
reference_url https://access.redhat.com/errata/RHSA-2006:0578
reference_id RHSA-2006:0578
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0578
7
reference_url https://access.redhat.com/errata/RHSA-2006:0594
reference_id RHSA-2006:0594
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0594
8
reference_url https://access.redhat.com/errata/RHSA-2006:0609
reference_id RHSA-2006:0609
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0609
9
reference_url https://access.redhat.com/errata/RHSA-2006:0610
reference_id RHSA-2006:0610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0610
10
reference_url https://access.redhat.com/errata/RHSA-2006:0611
reference_id RHSA-2006:0611
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0611
11
reference_url https://usn.ubuntu.com/296-1/
reference_id USN-296-1
reference_type
scores
url https://usn.ubuntu.com/296-1/
12
reference_url https://usn.ubuntu.com/296-2/
reference_id USN-296-2
reference_type
scores
url https://usn.ubuntu.com/296-2/
13
reference_url https://usn.ubuntu.com/323-1/
reference_id USN-323-1
reference_type
scores
url https://usn.ubuntu.com/323-1/
Weaknesses
Exploits
Severity_range_scorenull
Exploitability0.5
Weighted_severity0.0
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-x41m-aspw-53gp