2.6
CVE-2006-1736
- EPSS 1.62%
- Veröffentlicht 14.04.2006 10:02:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle secalert@redhat.com
- Teams Watchlist Login
- Unerledigt Login
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to trick users into downloading and saving an executable file via an image that is overlaid by a transparent image link that points to the executable, which causes the executable to be saved when the user clicks the "Save image as..." option. NOTE: this attack is made easier due to a GUI truncation issue that prevents the user from seeing the malicious extension when there is extra whitespace in the filename.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mozilla ≫ Mozilla Suite Version <= 1.7.12
Mozilla ≫ Mozilla Suite Version1.7.6
Mozilla ≫ Mozilla Suite Version1.7.7
Mozilla ≫ Mozilla Suite Version1.7.8
Mozilla ≫ Mozilla Suite Version1.7.10
Mozilla ≫ Mozilla Suite Version1.7.11
Mozilla ≫ Thunderbird Version <= 1.0.7
Mozilla ≫ Thunderbird Version1.0
Mozilla ≫ Thunderbird Version1.0.1
Mozilla ≫ Thunderbird Version1.0.2
Mozilla ≫ Thunderbird Version1.0.3
Mozilla ≫ Thunderbird Version1.0.4
Mozilla ≫ Thunderbird Version1.0.5
Mozilla ≫ Thunderbird Version1.0.5 Updatebeta
Mozilla ≫ Thunderbird Version1.0.6
Mozilla ≫ Thunderbird Version1.5
Mozilla ≫ Thunderbird Version1.5 Updatebeta2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.62% | 0.81 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.6 | 4.9 | 2.9 |
AV:N/AC:H/Au:N/C:N/I:P/A:N
|