4.3

CVE-2006-1729

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MozillaFirefox Version >= 1.0 < 1.0.8
MozillaFirefox Version >= 1.5 < 1.5.0.2
MozillaMozilla Suite Version < 1.7.13
MozillaSeamonkey Version < 1.0.1
CanonicalUbuntu Linux Version4.10
CanonicalUbuntu Linux Version5.04
CanonicalUbuntu Linux Version5.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.23% 0.805
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/19863
Third Party Advisory
http://secunia.com/advisories/19941
Third Party Advisory
http://www.debian.org/security/2006/dsa-1046
Third Party Advisory
http://www.debian.org/security/2006/dsa-1051
Third Party Advisory
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
Broken Link
http://secunia.com/advisories/19746
Third Party Advisory
http://secunia.com/advisories/19759
Third Party Advisory
http://secunia.com/advisories/19852
Third Party Advisory
http://secunia.com/advisories/19862
Third Party Advisory
http://secunia.com/advisories/19902
Third Party Advisory
http://secunia.com/advisories/21033
Third Party Advisory
http://secunia.com/advisories/21622
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
Third Party Advisory
http://www.debian.org/security/2006/dsa-1044
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
Third Party Advisory
http://www.vupen.com/english/advisories/2006/3391
Third Party Advisory
Permissions Required
https://usn.ubuntu.com/271-1/
Third Party Advisory
https://usn.ubuntu.com/275-1/
Third Party Advisory
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
Broken Link
http://secunia.com/advisories/19811
Third Party Advisory
http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
Broken Link
http://secunia.com/advisories/19721
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0329.html
Third Party Advisory
http://www.securityfocus.com/archive/1/436296/100/0/threaded
http://www.securityfocus.com/bid/17516
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2006/1356
Third Party Advisory
Permissions Required
http://secunia.com/advisories/19794
Third Party Advisory
http://secunia.com/advisories/22066
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:075
Third Party Advisory
http://www.securityfocus.com/archive/1/436338/100/0/threaded
http://www.securityfocus.com/archive/1/446658/100/200/threaded
http://www.vupen.com/english/advisories/2006/3748
Third Party Advisory
Permissions Required
http://www.vupen.com/english/advisories/2008/0083
Third Party Advisory
Permissions Required
http://secunia.com/advisories/19631
Third Party Advisory
http://secunia.com/advisories/19696
Third Party Advisory
http://secunia.com/advisories/19714
Third Party Advisory
http://secunia.com/advisories/19729
Third Party Advisory
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
Third Party Advisory
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0328.html
Third Party Advisory
http://secunia.com/advisories/19649
Third Party Advisory
http://www.mozilla.org/security/announce/2006/mfsa2006-23.html
Vendor Advisory
http://www.novell.com/linux/security/advisories/2006_35_mozilla.html
Third Party Advisory
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/25823
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10922
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1929
Third Party Advisory