Remote Code Execution Vulnerability in Mozilla Firefox and SeaMonkey
CVE-2006-1736

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Mozilla Suite; Thunderbird; Seamonkey
Vendor: CVE Published:; 14 April 2006

Summary

A vulnerability exists in previous versions of Mozilla Firefox and SeaMonkey that allows remote attackers to manipulate user interaction. By overlaying a transparent image link on an image, attackers can deceive users into downloading an executable file while saving the image. This exploit is facilitated by a graphical user interface truncation issue, which may obscure the executable's file extension, leading to potential security risks for users.

References

https://usn.ubuntu.com/275-1/

vendor-advisoryx_refsource_UBUNTU

http://secunia.com/advisories/19902

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/25814

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Apr 14, 2006
Vulnerability Reserved
Apr 12, 2006