oval:org.mitre.oval:def:1929

Definition Id: oval:org.mitre.oval:def:1929

Oval ID:	oval:org.mitre.oval:def:1929
Title:	Mozilla File Stealing by Changing Input Type
Description:	Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2006-1729	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003	Product(s):	mozilla
Definition Synopsis:
Mozilla Firefox version 1.5 is installed and has NOT been patched with version 1.5.0.2 Mozilla Firefox version 1.5 is installed AND Firefox version 1.5 or earlier is installed AND NOT The version of Firefox.exe is greater than or equal to 1.8.20060.30804 (v1.5.0.2) OR Mozilla Firefox version 1.5.0.1 is installed Mozilla Firefox version 1.5.0.1 is installed AND Firefox version 1.5.0.1 is installed OR Mozilla Firefox version 1.0.7 or earlier is installed Mozilla Firefox version 1.0.7 or earlier is installed AND Firefox version 1.0.7 or earlier is installed OR SeaMonkey version 1.0 or earlier is installed SeaMonkey version 1.0 or earlier is installed AND SeaMonkey version 1.0 or earlier is installed OR Mozilla Suite version 1.7.12 or earlier is installed Mozilla Suite version 1.7.12 or earlier is installed AND Mozilla Suite version 1.7.12 or earlier is installed

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0237s

Facebook rss twitter linkedin mail