CVE-2006-2782Improper Input Validation in Firefox

CWE-20Improper Input Validation13 documents6 sources
Severity
4.3MEDIUMNVD
EPSS
1.4%
top 19.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Debian FirefoxMozilla FirefoxMozilla Seamonkey
Timeline
PublishedJun 2
Latest updateMay 1

Description

Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages3 packages

debiandebian/firefox< firefox 1.5.dfsg+1.5.0.4-1 (sid)
NVDmozilla/firefox1.5.0.3

🔴Vulnerability Details

1
GHSA
GHSA-q2jj-w55g-3m5j: Firefox 12022-05-01

📋Vendor Advisories

5
Ubuntu
mozilla vulnerabilities2006-07-26
Ubuntu
Firefox vulnerabilities2006-07-25
Ubuntu
firefox vulnerabilities2006-06-09
Red Hat
security flaw2006-06-01
Debian
CVE-2006-2782: firefox - Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which...2006

💬Community

6
Bugzilla
CVE-2006-2782 security flaw2018-08-16
Bugzilla
CVE-2006-2783 multiple Seamonkey issues (CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788)2006-07-12
Bugzilla
CVE-2006-2779 multiple Thunderbird issues (CVE-2006-2780, CVE-2006-2781, CVE-2006-2783,CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788)2006-06-28
Bugzilla
CVE-2006-2783 multiple Seamonkey issues (CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788)2006-06-27
Bugzilla
CVE-2006-2783 multiple Seamonkey issues (CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788)2006-06-27