QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2006-2786

Back to search

CVE-2006-2786

Published: Jun 2, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces between the header name and the colon, which might not be ignored in some cases, or (2) HTTP 1.1 headers through an HTTP 1.0 proxy, which are ignored by the proxy but processed by the client.

VendorProductVersions

n/a

n/a

affected
n/a

References

20709
third-party-advisory
x_refsource_SECUNIA
21176
third-party-advisory
x_refsource_SECUNIA
MDKSA-2006:145
vendor-advisory
x_refsource_MANDRIVA
ADV-2006-3748
vdb-entry
x_refsource_VUPEN
USN-296-1
vendor-advisory
x_refsource_UBUNTU
USN-323-1
vendor-advisory
x_refsource_UBUNTU
20561
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:9966
vdb-entry
signature
x_refsource_OVAL
RHSA-2006:0594
vendor-advisory
x_refsource_REDHAT
21336
third-party-advisory
x_refsource_SECUNIA
20382
third-party-advisory
x_refsource_SECUNIA
1016214
vdb-entry
x_refsource_SECTRACK
20060602 rPSA-2006-0091-1 firefox thunderbird
mailing-list
x_refsource_BUGTRAQ
ADV-2006-3749
vdb-entry
x_refsource_VUPEN
RHSA-2006:0610
vendor-advisory
x_refsource_REDHAT
20376
third-party-advisory
x_refsource_SECUNIA
RHSA-2006:0609
vendor-advisory
x_refsource_REDHAT
21178
third-party-advisory
x_refsource_SECUNIA
1016202
vdb-entry
x_refsource_SECTRACK
18228
vdb-entry
x_refsource_BID
21532
third-party-advisory
x_refsource_SECUNIA
21270
third-party-advisory
x_refsource_SECUNIA
ADV-2008-0083
vdb-entry
x_refsource_VUPEN
21188
third-party-advisory
x_refsource_SECUNIA
21134
third-party-advisory
x_refsource_SECUNIA
21631
third-party-advisory
x_refsource_SECUNIA
SSRT061181
vendor-advisory
x_refsource_HP
SSRT061236
vendor-advisory
x_refsource_HP
USN-296-2
vendor-advisory
x_refsource_UBUNTU
GLSA-200606-21
vendor-advisory
x_refsource_GENTOO
DSA-1118
vendor-advisory
x_refsource_DEBIAN
HPSBUX02153
vendor-advisory
x_refsource_HP
DSA-1120
vendor-advisory
x_refsource_DEBIAN
RHSA-2006:0611
vendor-advisory
x_refsource_REDHAT
HPSBUX02156
vendor-advisory
x_refsource_HP
DSA-1134
vendor-advisory
x_refsource_DEBIAN
GLSA-200606-12
vendor-advisory
x_refsource_GENTOO
21324
third-party-advisory
x_refsource_SECUNIA
21183
third-party-advisory
x_refsource_SECUNIA
22066
third-party-advisory
x_refsource_SECUNIA
21269
third-party-advisory
x_refsource_SECUNIA
SUSE-SA:2006:035
vendor-advisory
x_refsource_SUSE
USN-297-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2006:0578
vendor-advisory
x_refsource_REDHAT
ADV-2006-2106
vdb-entry
x_refsource_VUPEN
MDKSA-2006:143
vendor-advisory
x_refsource_MANDRIVA
22065
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now