QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2006-1942

Back to search

CVE-2006-1942

Published: Apr 20, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then tricking the user into selecting View Image for the broken image, as demonstrated using a .wma file to launch Windows Media Player, or by referencing an "alternate web page."

VendorProductVersions

n/a

n/a

affected
n/a

References

21176
third-party-advisory
x_refsource_SECUNIA
ADV-2006-3748
vdb-entry
x_refsource_VUPEN
24713
vdb-entry
x_refsource_OSVDB
19698
third-party-advisory
x_refsource_SECUNIA
20063
third-party-advisory
x_refsource_SECUNIA
20060602 rPSA-2006-0091-1 firefox thunderbird
mailing-list
x_refsource_BUGTRAQ
20376
third-party-advisory
x_refsource_SECUNIA
1016202
vdb-entry
x_refsource_SECTRACK
18228
vdb-entry
x_refsource_BID
ADV-2008-0083
vdb-entry
x_refsource_VUPEN
SSRT061181
vendor-advisory
x_refsource_HP
DSA-1118
vendor-advisory
x_refsource_DEBIAN
HPSBUX02153
vendor-advisory
x_refsource_HP
DSA-1120
vendor-advisory
x_refsource_DEBIAN
19988
third-party-advisory
x_refsource_SECUNIA
DSA-1134
vendor-advisory
x_refsource_DEBIAN
21324
third-party-advisory
x_refsource_SECUNIA
21183
third-party-advisory
x_refsource_SECUNIA
22066
third-party-advisory
x_refsource_SECUNIA
SUSE-SA:2006:035
vendor-advisory
x_refsource_SUSE
ADV-2006-2106
vdb-entry
x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now