NVD

Id
64638  
Name
CVE-2006-6077  
Description
The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matches the web site for which the user stored a password, which allows remote attackers to obtain passwords via a password INPUT element on a different web page located on the web site intended for this password.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2016-12-20  
Published
2006-11-24  
Modified Date
2011-03-07  
Seq
2006-6077  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
337362 64638 CVE-2006-6077 20070202-01-P  View
337363 64638 CVE-2006-6077 20070301-01-P  View
337364 64638 CVE-2006-6077 FEDORA-2007-281  View
337365 64638 CVE-2006-6077 FEDORA-2007-293  View
337366 64638 CVE-2006-6077 HPSBUX02153  View
337367 64638 CVE-2006-6077 SUSE-SA:2007:019  View
337368 64638 CVE-2006-6077 oval:org.mitre.oval:def:10031  View
337369 64638 CVE-2006-6077 RHSA-2007:0077  View
337370 64638 CVE-2006-6077 GLSA-200703-04  View
337371 64638 CVE-2006-6077 1017271  View
337372 64638 CVE-2006-6077 SSA:2007-066-05  View
337373 64638 CVE-2006-6077 DSA-1336  View
337374 64638 CVE-2006-6077 GLSA-200703-08  View
337375 64638 CVE-2006-6077 http://www.info-svc.com/news/11-21-2006/  View
337376 64638 CVE-2006-6077 http://www.info-svc.com/news/11-21-2006/rcsr1/  View
337377 64638 CVE-2006-6077 MDKSA-2007:050  View
337378 64638 CVE-2006-6077 http://www.mozilla.org/security/announce/2007/mfsa2007-02.html  View
337379 64638 CVE-2006-6077 SUSE-SA:2007:022  View
337380 64638 CVE-2006-6077 RHSA-2007:0078  View
337381 64638 CVE-2006-6077 RHSA-2007:0079  View
337382 64638 CVE-2006-6077 RHSA-2007:0097  View
337383 64638 CVE-2006-6077 RHSA-2007:0108  View
337384 64638 CVE-2006-6077 20061122 Big Flaw in Firefox 2: Password Manager Bug Exposes Passwords  View
337385 64638 CVE-2006-6077 20061123 Password Flaw also in Firefox 1.5.08. Was: Big Flaw in Firefox 2: Password Manager Bug Exposes Passwords  View
337386 64638 CVE-2006-6077 20061123 Re: Big Flaw in Firefox 2: Password Manager Bug Exposes Passwords  View
337387 64638 CVE-2006-6077 20061123 Re: Password Flaw also in Firefox 1.5.08. Was: Big Flaw in Firefox 2: Password Manager Bug Exposes Passwords  View
337388 64638 CVE-2006-6077 20061220 critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip  View
337389 64638 CVE-2006-6077 20061221 Re: critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip  View
337390 64638 CVE-2006-6077 20061222 Re[2]: critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip  View
337391 64638 CVE-2006-6077 20070226 rPSA-2007-0040-1 firefox  View
337392 64638 CVE-2006-6077 20070303 rPSA-2007-0040-3 firefox thunderbird  View
337393 64638 CVE-2006-6077 21240  View
337394 64638 CVE-2006-6077 22694  View
337395 64638 CVE-2006-6077 USN-428-1  View
337396 64638 CVE-2006-6077 ADV-2006-4662  View
337397 64638 CVE-2006-6077 ADV-2007-0718  View
337398 64638 CVE-2006-6077 firefox-passwordmgr-information-disclosure(30470)  View
337399 64638 CVE-2006-6077 https://bugzilla.mozilla.org/show_bug.cgi?id=360493  View
337400 64638 CVE-2006-6077 https://issues.rpath.com/browse/RPL-1081  View
337401 64638 CVE-2006-6077 https://issues.rpath.com/browse/RPL-1103  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
58594 JVNDB-2006-000790 Mozilla Firefox のパスワードマネージャにおけるパスワード開示の脆弱性 Mozilla Firefox のパスワードマネージャには、パスワードデータ送信先の Web フォームに対する検証が適切に行われないため、偽りのフォームに対し保存されていたパスワードを自動補完してましまう問題が存在します。Mozilla の情報によると、このパスワードマネージャの問題が悪用されたフィッシング被害の事例が報告されています。 CVE-2006-6077 22179 CVE-2006-6077 64638 5 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000790.html 2006-11-24 2007-08-01 View