Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2006-1729

Опубликовано: 14 апр. 2006
Источник: debian

Описание

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
firefoxfixed1.5.dfsg+1.5.0.2-1package
mozilla-firefoxfixed1.5.dfsg+1.5.0.2-1package
mozillafixed2:1.7.13-0.1package
mozilla-thunderbirdfixed1.0.2-2.sarge1.0.8sargepackage
xulrunnerfixed1.8.0.1-9package

Примечания

  • Can likely be used to steal OpenSSH keys and the like.

Связанные уязвимости

ubuntu логотип

CVE-2006-1729

ubuntu
больше 19 лет назад

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.

redhat логотип

CVE-2006-1729

redhat
больше 19 лет назад

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.

nvd логотип

CVE-2006-1729

nvd
больше 19 лет назад

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.

github логотип

GHSA-2gxf-f3cr-5m3p

github
больше 3 лет назад

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.