Improper input validation in Mozilla Firefox

CVE-2006-1729

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.022 (80.5th percentile) — read the EPSS interpretation.

Affected products

Mozilla Firefox
Mozilla Mozilla_suite
Mozilla Seamonkey
Canonical Ubuntu_linux — versions 4.10, 5.04, 5.10
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

secalert@redhat.com (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)
secalert@redhat.com (Permissions Required, Third Party Advisory, vdb-entry, x_refsource_VUPEN)
secalert@redhat.com (x_refsource_SECUNIA, Third Party Advisory, third-party-advisory)
secalert@redhat.com (x_refsource_SECUNIA, Third Party Advisory, third-party-advisory)
secalert@redhat.com (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
secalert@redhat.com (vendor-advisory, Third Party Advisory, x_refsource_GENTOO)
secalert@redhat.com (x_refsource_SECUNIA, Third Party Advisory, third-party-advisory)
secalert@redhat.com (x_refsource_SECUNIA, Third Party Advisory, third-party-advisory)
secalert@redhat.com (vendor-advisory, Third Party Advisory, x_refsource_MANDRIVA)
secalert@redhat.com (x_refsource_CONFIRM, Third Party Advisory)