Definition Id: oval:org.mitre.oval:def:1929
Oval ID: oval:org.mitre.oval:def:1929
Title: Mozilla File Stealing by Changing Input Type
Description: Mozilla Firefox 1.x before and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.
Family: windows Class: vulnerability
Reference(s): CVE-2006-1729
Version: 4
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Product(s): mozilla
Definition Synopsis: