Showing 1 - 6 of 6

CVE-2006-6077

Status Candidate

Overview

The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matches the web site for which the user stored a password, which allows remote attackers to obtain passwords via a password INPUT element on a different web page located on the web site intended for this password.

Related Files

Debian Linux Security Advisory 1336-1: Posted Jul 23, 2007; Authored by Debian | Site debian.org; Debian Security Advisory 1336-1 - Several remote vulnerabilities have been discovered in Mozilla Firefox. These vulnerabilities range from cross site scripting to integer overflows.; tags | advisory, remote, overflow, vulnerability, xss; systems | linux, debian; advisories | CVE-2007-1282, CVE-2007-0994, CVE-2007-0995, CVE-2007-0996, CVE-2007-0981, CVE-2007-0008, CVE-2007-0009, CVE-2007-0775, CVE-2007-0778, CVE-2007-0045, CVE-2006-6077; SHA-256 | a98c39a362439e5b88e741c42cab3df3a56653b20b92b9b497c954513ffad1b0; Download | Favorite | View

Gentoo Linux Security Advisory 200703-8: Posted Mar 14, 2007; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory GLSA 200703-08 - Tom Ferris reported a heap-based buffer overflow involving wide SVG stroke widths that affects SeaMonkey. Various researchers reported some errors in the JavaScript engine potentially leading to memory corruption. SeaMonkey also contains minor vulnerabilities involving cache collision and unsafe pop-up restrictions, filtering or CSS rendering under certain conditions. All those vulnerabilities are the same as in GLSA 200703-04 affecting Mozilla Firefox. Versions less than 1.1.1 are affected.; tags | advisory, overflow, javascript, vulnerability; systems | linux, gentoo; advisories | CVE-2006-6077, CVE-2007-0775, CVE-2007-0776, CVE-2007-0777, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0801, CVE-2007-0981, CVE-2007-0995; SHA-256 | ecaa1e726a2e8cdce8273041013ccaa3441879102769280f1c9c9ff93d0ec1d9; Download | Favorite | View

Mandriva Linux Security Advisory 2007.050: Posted Mar 8, 2007; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.10.; tags | advisory, vulnerability; systems | linux, mandriva; advisories | CVE-2006-6077, CVE-2007-0008, CVE-2007-0009, CVE-2007-0775, CVE-2007-0777, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0981, CVE-2007-0995, CVE-2007-0996, CVE-2007-1092; SHA-256 | a6c727c9c55b7a3d9a6b157a2ab03de066cd8481902e55ee8a61cf7b1109a114; Download | Favorite | View

Gentoo Linux Security Advisory 200703-4: Posted Mar 6, 2007; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory GLSA 200703-04 - Tom Ferris reported a heap-based buffer overflow involving wide SVG stroke widths that affects Mozilla Firefox 2 only. Various researchers reported some errors in the JavaScript engine potentially leading to memory corruption. Mozilla Firefox also contains minor vulnerabilities involving cache collision and unsafe pop-up restrictions, filtering or CSS rendering under certain conditions. Versions less than 2.0.0.2 are affected.; tags | advisory, overflow, javascript, vulnerability; systems | linux, gentoo; advisories | CVE-2006-6077, CVE-2007-0775, CVE-2007-0776, CVE-2007-0777, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0801, CVE-2007-0981, CVE-2007-0995; SHA-256 | f824210be570f79159b5e50e532fc69afe69865942bf86c2b96a7c39aeeceee8; Download | Favorite | View

Mandriva Linux Security Advisory 2007.050: Posted Mar 6, 2007; Authored by Mandriva | Site mandriva.com; Mandriva Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.10.; tags | advisory, vulnerability; systems | linux, mandriva; advisories | CVE-2006-6077, CVE-2007-0008, CVE-2007-0009, CVE-2007-0775, CVE-2007-0777, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0981, CVE-2007-0995, CVE-2007-0996, CVE-2007-1092; SHA-256 | 34faf69d53de56d5a38c7ca739e1ce69186e39d4823b154794ad09079dc48938; Download | Favorite | View

Ubuntu Security Notice 428-1: Posted Mar 6, 2007; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 428-1 - Firefox has been patched to fix a slew of miscellaneous vulnerabilities including cross site scripting and SSL flaws.; tags | advisory, vulnerability, xss; systems | linux, ubuntu; advisories | CVE-2006-6077, CVE-2007-0008, CVE-2007-0009, CVE-2007-0775, CVE-2007-0776, CVE-2007-0777, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0981, CVE-2007-0995, CVE-2007-0996, CVE-2007-1092; SHA-256 | 624e75c29f4a125c67b1be7fc1f599a665731a75def9a05badf4fc8845961c58; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 219 files
Ubuntu 55 files
LiquidWorm 20 files
Debian 18 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,158)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,830)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,245)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,969)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2006-6077

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems