Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1729

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-1729
Last Modified 21 Sep 2011 12:00:00
Published 14 Apr 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-1729

Summary

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.

Vulnerable Systems

Application

  • Mozilla Firefox 1.0

  • Mozilla Firefox 1.0.1

  • Mozilla Firefox 1.0.2

  • Mozilla Firefox 1.0.3

  • Mozilla Firefox 1.0.4

  • Mozilla Firefox 1.0.5

  • Mozilla Firefox 1.0.6

  • Mozilla Firefox 1.0.7

  • Mozilla Firefox 1.5

  • Mozilla Firefox 1.5.0.1

  • Mozilla Seamonkey 1.0

  • Mozilla Suite 1.7.10

  • Mozilla Suite 1.7.11

  • Mozilla Suite 1.7.12

  • Mozilla Suite 1.7.6

  • Mozilla Suite 1.7.7

  • Mozilla Suite 1.7.8

  • Mozilla Thunderbird 1.0

  • Mozilla Thunderbird 1.0.1

  • Mozilla Thunderbird 1.0.2

  • Mozilla Thunderbird 1.0.3

  • Mozilla Thunderbird 1.0.4

  • Mozilla Thunderbird 1.0.5

  • Mozilla Thunderbird 1.0.6

  • Mozilla Thunderbird 1.0.7

  • Mozilla Thunderbird 1.5

  • Mozilla Thunderbird 1.5.0.1


References

XF - mozilla-textbox-file-access(25823)

VUPEN - ADV-2008-0083

VUPEN - ADV-2006-3748

VUPEN - ADV-2006-3391

VUPEN - ADV-2006-1356

UBUNTU - USN-275-1

UBUNTU - USN-271-1

BID - 17516

HP - HPSBUX02153

FEDORA - FLSA:189137-2

FEDORA - FLSA:189137-1

REDHAT - RHSA-2006:0329

REDHAT - RHSA-2006:0328

FEDORA - FEDORA-2006-411

FEDORA - FEDORA-2006-410

SUSE - SUSE-SA:2006:035

CONFIRM - http://www.mozilla.org/security/announce/2006/mfsa2006-23.html

MANDRIVA - MDKSA-2006:076

MANDRIVA - MDKSA-2006:075

GENTOO - GLSA-200604-18

GENTOO - GLSA-200604-12

DEBIAN - DSA-1051

DEBIAN - DSA-1046

DEBIAN - DSA-1044

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm

SUNALERT - 228526

SUNALERT - 102550

SECUNIA - 22066

SECUNIA - 21622

SECUNIA - 21033

SECUNIA - 19941

SECUNIA - 19902

SECUNIA - 19863

SECUNIA - 19862

SECUNIA - 19852

SECUNIA - 19811

SECUNIA - 19794

SECUNIA - 19759

SECUNIA - 19746

SECUNIA - 19729

SECUNIA - 19721

SECUNIA - 19714

SECUNIA - 19696

SECUNIA - 19649

SECUNIA - 19631

SUSE - SUSE-SA:2006:021

SGI - 20060404-01-U

SCO - SCOSA-2006.26

HP - SSRT061181


Last Updated: 27 May 2016 10:42:35