CVE-2006-2782

Published: 02 June 2006

Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control.

Priority

Unknown

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
Upstream Needs triage

firefox-granparadiso
Launchpad, Ubuntu, Debian
Upstream Needs triage

lightning-sunbird
Launchpad, Ubuntu, Debian
Upstream Needs triage

midbrowser
Launchpad, Ubuntu, Debian
Upstream Needs triage

mozilla-thunderbird
Launchpad, Ubuntu, Debian
Upstream Needs triage

xulrunner
Launchpad, Ubuntu, Debian
Upstream Needs triage