New Search

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8 Mozilla Suite before 1.7.13 and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box then turning that box into a file upload control or (2) changing the type of the input control that is associated with an event handler.

oval:org.mitre.oval:def:10922

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8 Mozilla Suite before 1.7.13 and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box then turning that box into a file upload control or (2) changing the type of the input control that is associated with an event handler.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 3
  • Red Hat Enterprise Linux 3
  • CentOS Linux 4
  • Red Hat Enterprise Linux 4
  • Oracle Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2006-1729
Product(s):