CVE-2006-1729

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.mozilla.org/security/announce/2006/mfsa2006-23.html	Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2006-0328.html	Third Party Advisory
http://www.securityfocus.com/bid/17516	Third Party Advisory VDB Entry
http://secunia.com/advisories/19631	Third Party Advisory
http://secunia.com/advisories/19649	Third Party Advisory
http://www.debian.org/security/2006/dsa-1044	Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml	Third Party Advisory
http://secunia.com/advisories/19759	Third Party Advisory
http://secunia.com/advisories/19794	Third Party Advisory
http://www.debian.org/security/2006/dsa-1046	Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml	Third Party Advisory
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc	Broken Link
http://secunia.com/advisories/19811	Third Party Advisory
http://secunia.com/advisories/19852	Third Party Advisory
http://secunia.com/advisories/19862	Third Party Advisory
http://secunia.com/advisories/19863	Third Party Advisory
http://secunia.com/advisories/19902	Third Party Advisory
http://www.debian.org/security/2006/dsa-1051	Third Party Advisory
http://secunia.com/advisories/19941	Third Party Advisory
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html	Third Party Advisory
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html	Third Party Advisory
http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html	Broken Link
http://secunia.com/advisories/19714	Third Party Advisory
http://secunia.com/advisories/19721	Third Party Advisory
http://secunia.com/advisories/19746	Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0329.html	Third Party Advisory
http://www.novell.com/linux/security/advisories/2006_35_mozilla.html	Broken Link Third Party Advisory
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt	Broken Link
http://secunia.com/advisories/21033	Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1	Broken Link
http://secunia.com/advisories/21622	Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm	Third Party Advisory
http://secunia.com/advisories/19696	Third Party Advisory
http://secunia.com/advisories/19729	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:075	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:076	Third Party Advisory
http://secunia.com/advisories/22066	Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1	Broken Link
http://www.vupen.com/english/advisories/2006/1356	Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2006/3748	Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2006/3391	Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2008/0083	Permissions Required Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/25823	Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1929	Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10922	Third Party Advisory
https://usn.ubuntu.com/275-1/	Third Party Advisory
https://usn.ubuntu.com/271-1/	Third Party Advisory
http://www.securityfocus.com/archive/1/446658/100/200/threaded
http://www.securityfocus.com/archive/1/436338/100/0/threaded
http://www.securityfocus.com/archive/1/436296/100/0/threaded

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:mozilla:seamonkey::::::::
	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:mozilla_suite::::::::

Configuration 2 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:4.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:5.04:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:5.10:::::::*

Information

Published : 2006-04-14 03:02

Updated : 2018-10-18 09:34

NVD link : CVE-2006-1729

Mitre link : CVE-2006-1729

JSON object : View

CWE

CWE-20

Improper Input Validation

Products Affected

mozilla

firefox
seamonkey
mozilla_suite

canonical

ubuntu_linux

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-23.html", "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-23.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html", "name": "RHSA-2006:0328", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://www.securityfocus.com/bid/17516", "name": "17516", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "http://secunia.com/advisories/19631", "name": "19631", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/19649", "name": "19649", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.debian.org/security/2006/dsa-1044", "name": "DSA-1044", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml", "name": "GLSA-200604-12", "tags": ["Third Party Advisory"], "refsource": "GENTOO"}, {"url": "http://secunia.com/advisories/19759", "name": "19759", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/19794", "name": "19794", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.debian.org/security/2006/dsa-1046", "name": "DSA-1046", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml", "name": "GLSA-200604-18", "tags": ["Third Party Advisory"], "refsource": "GENTOO"}, {"url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc", "name": "20060404-01-U", "tags": ["Broken Link"], "refsource": "SGI"}, {"url": "http://secunia.com/advisories/19811", "name": "19811", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/19852", "name": "19852", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/19862", "name": "19862", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/19863", "name": "19863", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/19902", "name": "19902", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.debian.org/security/2006/dsa-1051", "name": "DSA-1051", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://secunia.com/advisories/19941", "name": "19941", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html", "name": "FEDORA-2006-410", "tags": ["Third Party Advisory"], "refsource": "FEDORA"}, {"url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html", "name": "FEDORA-2006-411", "tags": ["Third Party Advisory"], "refsource": "FEDORA"}, {"url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html", "name": "SUSE-SA:2006:021", "tags": ["Broken Link"], "refsource": "SUSE"}, {"url": "http://secunia.com/advisories/19714", "name": "19714", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/19721", "name": "19721", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/19746", "name": "19746", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html", "name": "RHSA-2006:0329", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html", "name": "SUSE-SA:2006:035", "tags": ["Broken Link", "Third Party Advisory"], "refsource": "SUSE"}, {"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt", "name": "SCOSA-2006.26", "tags": ["Broken Link"], "refsource": "SCO"}, {"url": "http://secunia.com/advisories/21033", "name": "21033", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1", "name": "102550", "tags": ["Broken Link"], "refsource": "SUNALERT"}, {"url": "http://secunia.com/advisories/21622", "name": "21622", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm", "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm", "tags": ["Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/19696", "name": "19696", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/19729", "name": "19729", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075", "name": "MDKSA-2006:075", "tags": ["Third Party Advisory"], "refsource": "MANDRIVA"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076", "name": "MDKSA-2006:076", "tags": ["Third Party Advisory"], "refsource": "MANDRIVA"}, {"url": "http://secunia.com/advisories/22066", "name": "22066", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1", "name": "228526", "tags": ["Broken Link"], "refsource": "SUNALERT"}, {"url": "http://www.vupen.com/english/advisories/2006/1356", "name": "ADV-2006-1356", "tags": ["Permissions Required", "Third Party Advisory"], "refsource": "VUPEN"}, {"url": "http://www.vupen.com/english/advisories/2006/3748", "name": "ADV-2006-3748", "tags": ["Permissions Required", "Third Party Advisory"], "refsource": "VUPEN"}, {"url": "http://www.vupen.com/english/advisories/2006/3391", "name": "ADV-2006-3391", "tags": ["Permissions Required", "Third Party Advisory"], "refsource": "VUPEN"}, {"url": "http://www.vupen.com/english/advisories/2008/0083", "name": "ADV-2008-0083", "tags": ["Permissions Required", "Third Party Advisory"], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25823", "name": "mozilla-textbox-file-access(25823)", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "XF"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1929", "name": "oval:org.mitre.oval:def:1929", "tags": ["Third Party Advisory"], "refsource": "OVAL"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10922", "name": "oval:org.mitre.oval:def:10922", "tags": ["Third Party Advisory"], "refsource": "OVAL"}, {"url": "https://usn.ubuntu.com/275-1/", "name": "USN-275-1", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "https://usn.ubuntu.com/271-1/", "name": "USN-271-1", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded", "name": "SSRT061181", "tags": [], "refsource": "HP"}, {"url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded", "name": "FLSA:189137-2", "tags": [], "refsource": "FEDORA"}, {"url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded", "name": "FLSA:189137-1", "tags": [], "refsource": "FEDORA"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-1729", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2006-04-14T10:02Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.0.1"}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.0.8", "versionStartIncluding": "1.0"}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.5.0.2", "versionStartIncluding": "1.5"}, {"cpe23Uri": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.7.13"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-18T16:34Z"}

4.3 /10