CVE-2006-2613
Mozilla Firefox and Suite - Information Exposure via Exception Message
Title source: llmDescription
Mozilla Suite 1.7.13, Mozilla Firefox 1.5.0.3 and possibly other versions before before 1.8.0, and Netscape 7.2 and 8.1, and possibly other versions and products, allows remote user-assisted attackers to obtain information such as the installation path by causing exceptions to be thrown and checking the message contents.
References (11)
Core 11
Core References
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2006:145
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20244
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/26667
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20255
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/21532
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/434696/100/0/threaded
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20256
Patch x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=267645
Exploit x_refsource_misc
https://bugzilla.mozilla.org/attachment.cgi?id=164547
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2006:143
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/960
Scores
EPSS
0.0166
EPSS Percentile
73.9%
Details
CWE
CWE-200
Status
published
Products (6)
mozilla/firefox
1.5.0.1
mozilla/firefox
1.5.0.2
mozilla/firefox
1.5.0.3
mozilla/mozilla_suite
1.7.13
netscape/navigator
7.2
netscape/navigator
8.1
Published
May 26, 2006
Tracked Since
Feb 18, 2026