CVE-2006-1729

Currently unrated

Key Information:

Vendor: Mozilla
Status: Mozilla Suite; Seamonkey; Firefox
Vendor: CVE Published:; 14 April 2006

Summary

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.

References

https://usn.ubuntu.com/275-1/

vendor-advisoryx_refsource_UBUNTU

http://www.vupen.com/english/advisories/2006/3748

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/19902

third-party-advisoryx_refsource_SECUNIA

EPSS Score

15% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 14, 2006
Vulnerability Reserved
Apr 12, 2006