Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2613

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-2613
Last Modified 02 Apr 2010 03:53:02
Published 25 May 2006 09:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-2613

Summary

Mozilla Suite 1.7.13, Mozilla Firefox 1.5.0.3 and possibly other versions before before 1.8.0, and Netscape 7.2 and 8.1, and possibly other versions and products, allows remote user-assisted attackers to obtain information such as the installation path by causing exceptions to be thrown and checking the message contents.

Vulnerable Systems

Application

  • Mozilla Firefox 1.5.0.1

  • Mozilla Firefox 1.5.0.2

  • Mozilla Firefox 1.5.0.3

  • Mozilla Suite 1.7.13

  • Netscape Navigator 7.2

  • Netscape Navigator 8.1


References

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=267645

MISC - https://bugzilla.mozilla.org/attachment.cgi?id=164547

XF - mozilla-javascript-path-disclosure(26667)

BUGTRAQ - 20060521 Firefox 1.5.0.3 Flaw - Page can obtain path to Mozilla installation or profile by examining JavaScript exceptions

MANDRIVA - MDKSA-2006:145

MANDRIVA - MDKSA-2006:143

SREASON - 960

SECUNIA - 21532

SECUNIA - 20256

SECUNIA - 20255

SECUNIA - 20244


Last Updated: 27 May 2016 10:42:40