CVE-2006-1729

Mozilla Firefox <1.5.0.2 & 1.0.x <1.0.8 - Info Disclosure

Title source: llm
STIX 2.1

Description

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.

References (50)

Core 50
Core References
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/275-1/
Permissions Required, Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/3748
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19902
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19941
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2006-0328.html
Third Party Advisory vendor-advisory x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21622
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19862
Third Party Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2006:075
Third Party Advisory x_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2006/dsa-1051
Third Party Advisory vendor-advisory x_refsource_fedora
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/271-1/
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19714
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2006-0329.html
Third Party Advisory vendor-advisory x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19811
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19794
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19746
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21033
Permissions Required, Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0083
Broken Link vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19696
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19759
Third Party Advisory, VDB Entry vendor-advisory x_refsource_fedora
http://www.securityfocus.com/archive/1/436338/100/0/threaded
Third Party Advisory, VDB Entry vendor-advisory x_refsource_hp
http://www.securityfocus.com/archive/1/446658/100/200/threaded
Permissions Required, Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/1356
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/25823
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19729
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19649
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19863
Third Party Advisory, VDB Entry vendor-advisory x_refsource_fedora
http://www.securityfocus.com/archive/1/436296/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/17516
Broken Link vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1
Third Party Advisory vendor-advisory x_refsource_fedora
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19852
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19721
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22066
Broken Link, Third Party Advisory vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2006_35_mozilla.html
Permissions Required, Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/3391
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19631
Third Party Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2006/dsa-1046
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2006/dsa-1044

Scores

EPSS 0.0223
EPSS Percentile 80.7%

Details

CWE
CWE-20
Status published
Products (6)
canonical/ubuntu_linux 4.10
canonical/ubuntu_linux 5.04
canonical/ubuntu_linux 5.10
mozilla/firefox 1.0 - 1.0.8
mozilla/mozilla_suite < 1.7.13
mozilla/seamonkey < 1.0.1
Published Apr 14, 2006
Tracked Since Feb 18, 2026