CVE-2006-1729

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.
References
Link Resource
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt Broken Link
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc Broken Link
http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html Broken Link
http://secunia.com/advisories/19631 Third Party Advisory
http://secunia.com/advisories/19649 Third Party Advisory
http://secunia.com/advisories/19696 Third Party Advisory
http://secunia.com/advisories/19714 Third Party Advisory
http://secunia.com/advisories/19721 Third Party Advisory
http://secunia.com/advisories/19729 Third Party Advisory
http://secunia.com/advisories/19746 Third Party Advisory
http://secunia.com/advisories/19759 Third Party Advisory
http://secunia.com/advisories/19794 Third Party Advisory
http://secunia.com/advisories/19811 Third Party Advisory
http://secunia.com/advisories/19852 Third Party Advisory
http://secunia.com/advisories/19862 Third Party Advisory
http://secunia.com/advisories/19863 Third Party Advisory
http://secunia.com/advisories/19902 Third Party Advisory
http://secunia.com/advisories/19941 Third Party Advisory
http://secunia.com/advisories/21033 Third Party Advisory
http://secunia.com/advisories/21622 Third Party Advisory
http://secunia.com/advisories/22066 Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1 Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1 Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm Third Party Advisory
http://www.debian.org/security/2006/dsa-1044 Third Party Advisory
http://www.debian.org/security/2006/dsa-1046 Third Party Advisory
http://www.debian.org/security/2006/dsa-1051 Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:075 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:076 Third Party Advisory
http://www.mozilla.org/security/announce/2006/mfsa2006-23.html Vendor Advisory
http://www.novell.com/linux/security/advisories/2006_35_mozilla.html Broken Link Third Party Advisory
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html Third Party Advisory
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0328.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0329.html Third Party Advisory
http://www.securityfocus.com/archive/1/436296/100/0/threaded
http://www.securityfocus.com/archive/1/436338/100/0/threaded
http://www.securityfocus.com/archive/1/446658/100/200/threaded
http://www.securityfocus.com/archive/1/446658/100/200/threaded
http://www.securityfocus.com/bid/17516 Third Party Advisory VDB Entry
http://www.vupen.com/english/advisories/2006/1356 Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2006/3391 Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2006/3748 Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2008/0083 Permissions Required Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/25823 Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10922 Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1929 Third Party Advisory
https://usn.ubuntu.com/271-1/ Third Party Advisory
https://usn.ubuntu.com/275-1/ Third Party Advisory
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt Broken Link
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc Broken Link
http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html Broken Link
http://secunia.com/advisories/19631 Third Party Advisory
http://secunia.com/advisories/19649 Third Party Advisory
http://secunia.com/advisories/19696 Third Party Advisory
http://secunia.com/advisories/19714 Third Party Advisory
http://secunia.com/advisories/19721 Third Party Advisory
http://secunia.com/advisories/19729 Third Party Advisory
http://secunia.com/advisories/19746 Third Party Advisory
http://secunia.com/advisories/19759 Third Party Advisory
http://secunia.com/advisories/19794 Third Party Advisory
http://secunia.com/advisories/19811 Third Party Advisory
http://secunia.com/advisories/19852 Third Party Advisory
http://secunia.com/advisories/19862 Third Party Advisory
http://secunia.com/advisories/19863 Third Party Advisory
http://secunia.com/advisories/19902 Third Party Advisory
http://secunia.com/advisories/19941 Third Party Advisory
http://secunia.com/advisories/21033 Third Party Advisory
http://secunia.com/advisories/21622 Third Party Advisory
http://secunia.com/advisories/22066 Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1 Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1 Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm Third Party Advisory
http://www.debian.org/security/2006/dsa-1044 Third Party Advisory
http://www.debian.org/security/2006/dsa-1046 Third Party Advisory
http://www.debian.org/security/2006/dsa-1051 Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:075 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:076 Third Party Advisory
http://www.mozilla.org/security/announce/2006/mfsa2006-23.html Vendor Advisory
http://www.novell.com/linux/security/advisories/2006_35_mozilla.html Broken Link Third Party Advisory
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html Third Party Advisory
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0328.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0329.html Third Party Advisory
http://www.securityfocus.com/archive/1/436296/100/0/threaded
http://www.securityfocus.com/archive/1/436338/100/0/threaded
http://www.securityfocus.com/archive/1/446658/100/200/threaded
http://www.securityfocus.com/archive/1/446658/100/200/threaded
http://www.securityfocus.com/bid/17516 Third Party Advisory VDB Entry
http://www.vupen.com/english/advisories/2006/1356 Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2006/3391 Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2006/3748 Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2008/0083 Permissions Required Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/25823 Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10922 Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1929 Third Party Advisory
https://usn.ubuntu.com/271-1/ Third Party Advisory
https://usn.ubuntu.com/275-1/ Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*

History

21 Nov 2024, 00:09

Type Values Removed Values Added
References () ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt - Broken Link () ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt - Broken Link
References () ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc - Broken Link () ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc - Broken Link
References () http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html - Broken Link () http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html - Broken Link
References () http://secunia.com/advisories/19631 - Third Party Advisory () http://secunia.com/advisories/19631 - Third Party Advisory
References () http://secunia.com/advisories/19649 - Third Party Advisory () http://secunia.com/advisories/19649 - Third Party Advisory
References () http://secunia.com/advisories/19696 - Third Party Advisory () http://secunia.com/advisories/19696 - Third Party Advisory
References () http://secunia.com/advisories/19714 - Third Party Advisory () http://secunia.com/advisories/19714 - Third Party Advisory
References () http://secunia.com/advisories/19721 - Third Party Advisory () http://secunia.com/advisories/19721 - Third Party Advisory
References () http://secunia.com/advisories/19729 - Third Party Advisory () http://secunia.com/advisories/19729 - Third Party Advisory
References () http://secunia.com/advisories/19746 - Third Party Advisory () http://secunia.com/advisories/19746 - Third Party Advisory
References () http://secunia.com/advisories/19759 - Third Party Advisory () http://secunia.com/advisories/19759 - Third Party Advisory
References () http://secunia.com/advisories/19794 - Third Party Advisory () http://secunia.com/advisories/19794 - Third Party Advisory
References () http://secunia.com/advisories/19811 - Third Party Advisory () http://secunia.com/advisories/19811 - Third Party Advisory
References () http://secunia.com/advisories/19852 - Third Party Advisory () http://secunia.com/advisories/19852 - Third Party Advisory
References () http://secunia.com/advisories/19862 - Third Party Advisory () http://secunia.com/advisories/19862 - Third Party Advisory
References () http://secunia.com/advisories/19863 - Third Party Advisory () http://secunia.com/advisories/19863 - Third Party Advisory
References () http://secunia.com/advisories/19902 - Third Party Advisory () http://secunia.com/advisories/19902 - Third Party Advisory
References () http://secunia.com/advisories/19941 - Third Party Advisory () http://secunia.com/advisories/19941 - Third Party Advisory
References () http://secunia.com/advisories/21033 - Third Party Advisory () http://secunia.com/advisories/21033 - Third Party Advisory
References () http://secunia.com/advisories/21622 - Third Party Advisory () http://secunia.com/advisories/21622 - Third Party Advisory
References () http://secunia.com/advisories/22066 - Third Party Advisory () http://secunia.com/advisories/22066 - Third Party Advisory
References () http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1 - Broken Link () http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1 - Broken Link
References () http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1 - Broken Link () http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1 - Broken Link
References () http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm - Third Party Advisory () http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm - Third Party Advisory
References () http://www.debian.org/security/2006/dsa-1044 - Third Party Advisory () http://www.debian.org/security/2006/dsa-1044 - Third Party Advisory
References () http://www.debian.org/security/2006/dsa-1046 - Third Party Advisory () http://www.debian.org/security/2006/dsa-1046 - Third Party Advisory
References () http://www.debian.org/security/2006/dsa-1051 - Third Party Advisory () http://www.debian.org/security/2006/dsa-1051 - Third Party Advisory
References () http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml - Third Party Advisory () http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml - Third Party Advisory
References () http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml - Third Party Advisory () http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml - Third Party Advisory
References () http://www.mandriva.com/security/advisories?name=MDKSA-2006:075 - Third Party Advisory () http://www.mandriva.com/security/advisories?name=MDKSA-2006:075 - Third Party Advisory
References () http://www.mandriva.com/security/advisories?name=MDKSA-2006:076 - Third Party Advisory () http://www.mandriva.com/security/advisories?name=MDKSA-2006:076 - Third Party Advisory
References () http://www.mozilla.org/security/announce/2006/mfsa2006-23.html - Vendor Advisory () http://www.mozilla.org/security/announce/2006/mfsa2006-23.html - Vendor Advisory
References () http://www.novell.com/linux/security/advisories/2006_35_mozilla.html - Broken Link, Third Party Advisory () http://www.novell.com/linux/security/advisories/2006_35_mozilla.html - Broken Link, Third Party Advisory
References () http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html - Third Party Advisory () http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html - Third Party Advisory
References () http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html - Third Party Advisory () http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html - Third Party Advisory
References () http://www.redhat.com/support/errata/RHSA-2006-0328.html - Third Party Advisory () http://www.redhat.com/support/errata/RHSA-2006-0328.html - Third Party Advisory
References () http://www.redhat.com/support/errata/RHSA-2006-0329.html - Third Party Advisory () http://www.redhat.com/support/errata/RHSA-2006-0329.html - Third Party Advisory
References () http://www.securityfocus.com/archive/1/436296/100/0/threaded - () http://www.securityfocus.com/archive/1/436296/100/0/threaded -
References () http://www.securityfocus.com/archive/1/436338/100/0/threaded - () http://www.securityfocus.com/archive/1/436338/100/0/threaded -
References () http://www.securityfocus.com/archive/1/446658/100/200/threaded - () http://www.securityfocus.com/archive/1/446658/100/200/threaded -
References () http://www.securityfocus.com/bid/17516 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/17516 - Third Party Advisory, VDB Entry
References () http://www.vupen.com/english/advisories/2006/1356 - Permissions Required, Third Party Advisory () http://www.vupen.com/english/advisories/2006/1356 - Permissions Required, Third Party Advisory
References () http://www.vupen.com/english/advisories/2006/3391 - Permissions Required, Third Party Advisory () http://www.vupen.com/english/advisories/2006/3391 - Permissions Required, Third Party Advisory
References () http://www.vupen.com/english/advisories/2006/3748 - Permissions Required, Third Party Advisory () http://www.vupen.com/english/advisories/2006/3748 - Permissions Required, Third Party Advisory
References () http://www.vupen.com/english/advisories/2008/0083 - Permissions Required, Third Party Advisory () http://www.vupen.com/english/advisories/2008/0083 - Permissions Required, Third Party Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/25823 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/25823 - Third Party Advisory, VDB Entry
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10922 - Third Party Advisory () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10922 - Third Party Advisory
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1929 - Third Party Advisory () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1929 - Third Party Advisory
References () https://usn.ubuntu.com/271-1/ - Third Party Advisory () https://usn.ubuntu.com/271-1/ - Third Party Advisory
References () https://usn.ubuntu.com/275-1/ - Third Party Advisory () https://usn.ubuntu.com/275-1/ - Third Party Advisory

Information

Published : 2006-04-14 10:02

Updated : 2024-11-21 00:09


NVD link : CVE-2006-1729

Mitre link : CVE-2006-1729

CVE.ORG link : CVE-2006-1729


JSON object : View

Products Affected

mozilla

  • firefox
  • mozilla_suite
  • seamonkey

canonical

  • ubuntu_linux
CWE
CWE-20

Improper Input Validation