Showing 1 - 4 of 4

CVE-2006-2894

Status Candidate

Overview

Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and other versions before 1.1.5, and Netscape 8.1 and earlier allow user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form.

Related Files

Ubuntu Security Notice 536-1: Posted Oct 24, 2007; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 536-1 - A massive slew of vulnerabilities that relate to mozilla-thunderbird have been patched. It would be wise to upgrade now.; tags | advisory, vulnerability; systems | linux, ubuntu; advisories | CVE-2006-2894, CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340; SHA-256 | 5d868ca3cbf8195030fcde8ba5b7c3d30109913f90eb6ea9b8d3da2f0f586fd5; Download | Favorite | View

Mandriva Linux Security Advisory 2007.202: Posted Oct 23, 2007; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.8.; tags | advisory, vulnerability; systems | linux, mandriva; advisories | CVE-2006-2894, CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-4841, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340; SHA-256 | 2135e6c07c0d7978822688d56feada1ec50ecedb20b2a667e7732def2eeac94d; Download | Favorite | View

Ubuntu Security Notice 535-1: Posted Oct 23, 2007; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 535-1 - A large amount of flaws related to Firefox have been fixed under Ubuntu. These include forced upload and javascript insertion vulnerabilities.; tags | advisory, javascript, vulnerability; systems | linux, ubuntu; advisories | CVE-2006-2894, CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-5334, CVE-2007-5335, CVE-2007-5336, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340; SHA-256 | e937e8ad5d0b409d665ed543ec76877c5a6c7850fb23798031b11ce6ee1da4ed; Download | Favorite | View

Mandriva Linux Security Advisory 2006.143: Posted Aug 27, 2006; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory MDKSA-2006-143 - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program.; tags | advisory, vulnerability; systems | linux, mandriva; advisories | CVE-2006-2613, CVE-2006-2894, CVE-2006-2775, CVE-2006-2776, CVE-2006-2777, CVE-2006-2778, CVE-2006-2779, CVE-2006-2780, CVE-2006-2782, CVE-2006-2783, CVE-2006-2784, CVE-2006-2785, CVE-2006-2786, CVE-2006-2787, CVE-2006-2788, CVE-2006-3677, CVE-2006-3803, CVE-2006-3804; SHA-256 | 4ea8be5cbf740393a2e029272fa3cb4f90a624cde42c0cf0a7fc0f010f1b3f12; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 219 files
Ubuntu 55 files
LiquidWorm 20 files
Debian 18 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,158)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,830)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,245)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,969)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2006-2894

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems