CVE-2006-1729

CVSS V2 Medium 4.3 CVSS V3 None
Description
Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.
Overview
  • CVE ID
  • CVE-2006-1729
  • Assigner
  • secalert@redhat.com
  • Vulnerability Status
  • Modified
  • Published Version
  • 2006-04-14T10:02:00
  • Last Modified Date
  • 2018-10-18T16:34:33
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* 1 OR 1.0 1.0.8
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* 1 OR 1.5 1.5.0.2
cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:* 1 OR 1.7.13
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:* 1 OR 1.0.1
cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:M/Au:N/C:P/I:N/A:N
  • Access Vector
  • NETWORK
  • Access Compatibility
  • MEDIUM
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • NONE
  • Availability Impact
  • NONE
  • Base Score
  • 4.3
  • Severity
  • MEDIUM
  • Exploitability Score
  • 8.6
  • Impact Score
  • 2.9
References
Reference URL Reference Tags
http://www.mozilla.org/security/announce/2006/mfsa2006-23.html Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2006-0328.html Third Party Advisory
http://www.securityfocus.com/bid/17516 Third Party Advisory VDB Entry
http://secunia.com/advisories/19631 Third Party Advisory
http://secunia.com/advisories/19649 Third Party Advisory
http://www.debian.org/security/2006/dsa-1044 Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml Third Party Advisory
http://secunia.com/advisories/19759 Third Party Advisory
http://secunia.com/advisories/19794 Third Party Advisory
http://www.debian.org/security/2006/dsa-1046 Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml Third Party Advisory
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc Broken Link
http://secunia.com/advisories/19811 Third Party Advisory
http://secunia.com/advisories/19852 Third Party Advisory
http://secunia.com/advisories/19862 Third Party Advisory
http://secunia.com/advisories/19863 Third Party Advisory
http://secunia.com/advisories/19902 Third Party Advisory
http://www.debian.org/security/2006/dsa-1051 Third Party Advisory
http://secunia.com/advisories/19941 Third Party Advisory
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html Third Party Advisory
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html Third Party Advisory
http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html Broken Link
http://secunia.com/advisories/19714 Third Party Advisory
http://secunia.com/advisories/19721 Third Party Advisory
http://secunia.com/advisories/19746 Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0329.html Third Party Advisory
http://www.novell.com/linux/security/advisories/2006_35_mozilla.html Broken Link Third Party Advisory
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt Broken Link
http://secunia.com/advisories/21033 Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1 Broken Link
http://secunia.com/advisories/21622 Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm Third Party Advisory
http://secunia.com/advisories/19696 Third Party Advisory
http://secunia.com/advisories/19729 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:075 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:076 Third Party Advisory
http://secunia.com/advisories/22066 Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1 Broken Link
http://www.vupen.com/english/advisories/2006/1356 Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2006/3748 Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2006/3391 Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2008/0083 Permissions Required Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/25823 Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1929 Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10922 Third Party Advisory
https://usn.ubuntu.com/275-1/ Third Party Advisory
https://usn.ubuntu.com/271-1/ Third Party Advisory
http://www.securityfocus.com/archive/1/446658/100/200/threaded
http://www.securityfocus.com/archive/1/436338/100/0/threaded
http://www.securityfocus.com/archive/1/436296/100/0/threaded
History
Created Old Value New Value Data Type Notes
2022-05-10 18:09:02 Added to TrackCVE