Secunia Logo
 Vulnerability IntelligenceVulnerability ScanningCommunityBlog - new entry!Corporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Intelligence > Secunia Advisories > CVE-2006-1736
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists & RSS
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About
 
CVE Reference: CVE-2006-1736
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2006-1736

Description:
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to trick users into downloading and saving an executable file via an image that is overlaid by a transparent image link that points to the executable, which causes the executable to be saved when the user clicks the "Save image as..." option. NOTE: this attack is made easier due to a GUI truncation issue that prevents the user from seeing the malicious extension when there is extra whitespace in the filename.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/25814

UBUNTU
  http://www.ubuntulinux.org/support/documentation/usn/usn-271-1
  http://www.ubuntulinux.org/support/documentation/usn/usn-275-1

SUSE
  http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html

SUNALERT
  http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1

SCO

SAID
  Secunia Advisory: SA19852
  Secunia Advisory: SA19631
  Secunia Advisory: SA19863
  Secunia Advisory: SA19794
  Secunia Advisory: SA19759
  Secunia Advisory: SA19862
  Secunia Advisory: SA19902
  Secunia Advisory: SA19941
  Secunia Advisory: SA19721
  Secunia Advisory: SA19746
  Secunia Advisory: SA21033
  Secunia Advisory: SA21622

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1548

MISC

MANDRIVA
  http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:076
  http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:075

HP
  http://www.securityfocus.com/archive/1/archive/1/438730/100/0/threaded

GENTOO
  http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
  http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml

DEBIAN
  http://www.debian.org/security/2006/dsa-1046
  http://www.debian.org/security/2006/dsa-1051
  http://www.debian.org/security/2006/dsa-1044

CONFIRM
  http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
  http://www.mozilla.org/security/announce/2006/mfsa2006-13.html

BID
  17516


Return to the previous page.


Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs | About Secunia
Copyright Secunia 2002-2008