cbcvebase.
CVE-2006-2782
published 2006-06-02

CVE-2006-2782: Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target…

PriorityP418medium4.3CVSS 2.0
AVNACMAuNCPINAN
EPSS
1.68%
74.1th percentile
Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control.

Affected

3 ranges
VendorProductVersion rangeFixed in
debianfirefox< firefox 1.5.dfsg+1.5.0.4-1 (sid)firefox 1.5.dfsg+1.5.0.4-1 (sid)
mozillafirefox<= 1.5.0.3
mozillaseamonkey<= 1.0.1

CVSS provenance

nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
vendor_ubuntu7.5HIGH
vendor_debian4.3MEDIUM
vendor_redhat4.3MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.