CVE-2006-1942

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=334341", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=334341", "tags": [], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/19698", "name": "19698", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.gavinsharp.com/tmp/ImageVuln.html", "name": "http://www.gavinsharp.com/tmp/ImageVuln.html", "tags": ["Patch"], "refsource": "MISC"}, {"url": "http://www.networksecurity.fi/advisories/netscape-view-image.html", "name": "http://www.networksecurity.fi/advisories/netscape-view-image.html", "tags": ["Vendor Advisory"], "refsource": "MISC"}, {"url": "http://www.osvdb.org/24713", "name": "24713", "tags": [], "refsource": "OSVDB"}, {"url": "http://secunia.com/advisories/19988", "name": "19988", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-39.html", "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-39.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/18228", "name": "18228", "tags": [], "refsource": "BID"}, {"url": "http://securitytracker.com/id?1016202", "name": "1016202", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/20376", "name": "20376", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html", "name": "SUSE-SA:2006:035", "tags": [], "refsource": "SUSE"}, {"url": "http://www.debian.org/security/2006/dsa-1118", "name": "DSA-1118", "tags": [], "refsource": "DEBIAN"}, {"url": "http://www.debian.org/security/2006/dsa-1120", "name": "DSA-1120", "tags": [], "refsource": "DEBIAN"}, {"url": "http://secunia.com/advisories/21183", "name": "21183", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/21176", "name": "21176", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.debian.org/security/2006/dsa-1134", "name": "DSA-1134", "tags": [], "refsource": "DEBIAN"}, {"url": "http://secunia.com/advisories/21324", "name": "21324", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/20063", "name": "20063", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/22066", "name": "22066", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2008/0083", "name": "ADV-2008-0083", "tags": ["Vendor Advisory"], "refsource": "VUPEN"}, {"url": "http://www.vupen.com/english/advisories/2006/2106", "name": "ADV-2006-2106", "tags": ["Vendor Advisory"], "refsource": "VUPEN"}, {"url": "http://www.vupen.com/english/advisories/2006/3748", "name": "ADV-2006-3748", "tags": ["Vendor Advisory"], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25925", "name": "firefox-viewimage-security-bypass(25925)", "tags": [], "refsource": "XF"}, {"url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded", "name": "SSRT061181", "tags": [], "refsource": "HP"}, {"url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded", "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/433539/30/5070/threaded", "name": "20060507 Re: Firefox 1.5.0.3 code execution exploit", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/433138/100/0/threaded", "name": "20060505 Firefox 1.5.0.3 code execution exploit", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/431267/100/0/threaded", "name": "20060418 Another flaw in Firefox 1.5.0.2: to open files from remote", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then tricking the user into selecting View Image for the broken image, as demonstrated using a .wma file to launch Windows Media Player, or by referencing an \"alternate web page.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-1942", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2006-04-20T22:02Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:k-meleon_project:k-meleon:0.9.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:netscape:navigator:7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:netscape:navigator:8.0.40:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:netscape:navigator:8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-18T16:37Z"}