NVD

Id
60434  
Name
CVE-2006-1729  
Description
Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:N/A:N)  
Pub Date
2016-12-20  
Published
2006-04-14  
Modified Date
2011-09-21  
Seq
2006-1729  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
311363 60434 CVE-2006-1729 SCOSA-2006.26  View
311364 60434 CVE-2006-1729 20060404-01-U  View
311365 60434 CVE-2006-1729 SUSE-SA:2006:021  View
311366 60434 CVE-2006-1729 oval:org.mitre.oval:def:10922  View
311367 60434 CVE-2006-1729 oval:org.mitre.oval:def:1929  View
311368 60434 CVE-2006-1729 102550  View
311369 60434 CVE-2006-1729 228526  View
311370 60434 CVE-2006-1729 http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm  View
311371 60434 CVE-2006-1729 DSA-1044  View
311372 60434 CVE-2006-1729 DSA-1046  View
311373 60434 CVE-2006-1729 DSA-1051  View
311374 60434 CVE-2006-1729 GLSA-200604-12  View
311375 60434 CVE-2006-1729 GLSA-200604-18  View
311376 60434 CVE-2006-1729 MDKSA-2006:075  View
311377 60434 CVE-2006-1729 MDKSA-2006:076  View
311378 60434 CVE-2006-1729 http://www.mozilla.org/security/announce/2006/mfsa2006-23.html  View
311379 60434 CVE-2006-1729 SUSE-SA:2006:035  View
311380 60434 CVE-2006-1729 FEDORA-2006-410  View
311381 60434 CVE-2006-1729 FEDORA-2006-411  View
311382 60434 CVE-2006-1729 RHSA-2006:0328  View
311383 60434 CVE-2006-1729 RHSA-2006:0329  View
311384 60434 CVE-2006-1729 FLSA:189137-1  View
311385 60434 CVE-2006-1729 FLSA:189137-2  View
311386 60434 CVE-2006-1729 HPSBUX02153  View
311387 60434 CVE-2006-1729 17516  View
311388 60434 CVE-2006-1729 USN-271-1  View
311389 60434 CVE-2006-1729 USN-275-1  View
311390 60434 CVE-2006-1729 ADV-2006-1356  View
311391 60434 CVE-2006-1729 ADV-2006-3391  View
311392 60434 CVE-2006-1729 ADV-2006-3748  View
311393 60434 CVE-2006-1729 ADV-2008-0083  View
311394 60434 CVE-2006-1729 mozilla-textbox-file-access(25823)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
57994 JVNDB-2006-000190 Mozilla Firefox の INPUT TYPE 属性の処理による任意のファイルを取得される脆弱性 Mozilla Firefox には INPUT TYPE 属性の処理不備のため、INPUT 要素のテキスト入力フィールド (TYPE="text") の初期値としてファイル名を指定し、この値を変更することなく TYPE 属性をファイル名入力フィールドに変更することが可能である脆弱性が存在します。 CVE-2006-1729 17831 CVE-2006-1729 60434 5 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000190.html 2006-04-11 2007-04-01 View