File Access Vulnerability in Mozilla Products by Mozilla
CVE-2006-1729

Currently unrated

Key Information:

Vendor: Mozilla
Status: Mozilla Suite; Seamonkey; Firefox
Vendor: CVE Published:; 14 April 2006

Summary

Mozilla Firefox and its related products have a vulnerability that allows remote attackers to read arbitrary files on the user's system. This can be exploited by manipulating input controls, either by inserting the target filename into a text box converted to a file upload control or by changing the input control type tied to an event handler. Users of affected versions are at risk of unauthorized access to sensitive files, making it essential to apply security patches and updates provided by the vendor.

References

https://usn.ubuntu.com/275-1/

vendor-advisoryx_refsource_UBUNTU

http://www.vupen.com/english/advisories/2006/3748

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/19902

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Apr 14, 2006
Vulnerability Reserved
Apr 12, 2006