Lucene search

[email protected]CVE-2006-2782

HistoryJun 02, 2006 - 7:02 p.m.

CVE-2006-2782

2006-06-0219:02:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2006-2782

firefox

remote code execution

security vulnerability

6.4 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.941 High

EPSS

Percentile

99.1%

JSON

Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control.

CPENameOperatorVersion
mozilla:seamonkeymozilla seamonkeyle1.0.1
mozilla:firefoxmozilla firefoxle1.5.0.3

CPE	Name	Operator	Version
mozilla:seamonkey	mozilla seamonkey	le	1.0.1
mozilla:firefox	mozilla firefox	le	1.5.0.3

References

rhn.redhat.com/errata/RHSA-2006-0609.html

secunia.com/advisories/20376

secunia.com/advisories/20561

secunia.com/advisories/21134

secunia.com/advisories/21176

secunia.com/advisories/21178

secunia.com/advisories/21183

secunia.com/advisories/21188

secunia.com/advisories/21269

secunia.com/advisories/21270

secunia.com/advisories/21324

secunia.com/advisories/21336

secunia.com/advisories/21532

secunia.com/advisories/21631

secunia.com/advisories/22066

securitytracker.com/id?1016202

www.debian.org/security/2006/dsa-1118

www.debian.org/security/2006/dsa-1120

www.debian.org/security/2006/dsa-1134

www.gentoo.org/security/en/glsa/glsa-200606-12.xml

www.mandriva.com/security/advisories?name=MDKSA-2006:143

www.mandriva.com/security/advisories?name=MDKSA-2006:145

www.mozilla.org/security/announce/2006/mfsa2006-41.html

www.novell.com/linux/security/advisories/2006_35_mozilla.html

www.redhat.com/support/errata/RHSA-2006-0578.html

www.redhat.com/support/errata/RHSA-2006-0594.html

www.redhat.com/support/errata/RHSA-2006-0610.html

www.redhat.com/support/errata/RHSA-2006-0611.html

www.securityfocus.com/archive/1/435795/100/0/threaded

www.securityfocus.com/archive/1/446658/100/200/threaded

www.securityfocus.com/bid/18228

www.vupen.com/english/advisories/2006/2106

www.vupen.com/english/advisories/2006/3748

www.vupen.com/english/advisories/2008/0083

exchange.xforce.ibmcloud.com/vulnerabilities/26851

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10429

usn.ubuntu.com/296-1/

usn.ubuntu.com/296-2/

usn.ubuntu.com/323-1/

6.4 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.941 High

EPSS

Percentile

99.1%

JSON

Related for CVE-2006-2782

prion2 ubuntucve2 debiancve2 mozilla2 cve1 openvas27 nessus48 osv6 ubuntu5 debian11 securityvulns1 suse2 redhat7 gentoo3 centos7 oraclelinux2 freebsd1