Information Disclosure in Mozilla Suite and Firefox by Remote User-Aided Attackers
CVE-2006-2613

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Navigator; Mozilla Suite
Vendor: CVE Published:; 26 May 2006

Summary

This vulnerability affects multiple versions of the Mozilla Suite, Firefox, and Netscape products, enabling remote user-assisted attackers to disclose sensitive information. By exploiting a flaw that allows the triggering of exceptions, attackers can gain insights into the installation paths and environment variables of the application. The issue highlights the importance of secure coding practices and user vigilance against potentially malicious JavaScript content.

References

http://www.mandriva.com/security/advisories?name=MDKSA-20...

vendor-advisoryx_refsource_MANDRIVA

http://secunia.com/advisories/20244

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/26667

vdb-entryx_refsource_XF

Timeline

Vulnerability published
May 26, 2006
Vulnerability Reserved
May 25, 2006