CVE-2006-6077
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
5Exploited in Wild
-Decision
Descriptions
The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matches the web site for which the user stored a password, which allows remote attackers to obtain passwords via a password INPUT element on a different web page located on the web site intended for this password.
El (1) Password Manager en Mozilla Firefox 2.0, y 1.5.0.8 y anteriores; y el (2) Passcard Manager en Netscape 8.1.2 y posiblemente otras versiones, no verifican correctamente que una ACTION URL en un elemento FORM contiene una contraseña (elemento INPUT) que encaja con el sitio web para lo cual el usuario almacena una contraseña, lo cual permite a un atacante remoto obtener contraseñas a través de la contraseña (elemento INPUT) sobre un página web diferente localizada sobre un sitio web previsto para esta contraseña.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2006-11-24 CVE Reserved
- 2006-11-24 CVE Published
- 2024-04-18 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (61)
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/23046 | 2024-08-07 | |
http://securitytracker.com/id?1017271 | 2024-08-07 | |
http://www.info-svc.com/news/11-21-2006 | 2024-08-07 | |
http://www.securityfocus.com/bid/21240 | 2024-08-07 | |
https://bugzilla.mozilla.org/show_bug.cgi?id=360493 | 2024-08-07 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | <= 1.5.0.8 Search vendor "Mozilla" for product "Firefox" and version " <= 1.5.0.8" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5 Search vendor "Mozilla" for product "Firefox" and version "1.5" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5 Search vendor "Mozilla" for product "Firefox" and version "1.5" | beta1 |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5 Search vendor "Mozilla" for product "Firefox" and version "1.5" | beta2 |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.1 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.1" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.2 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.2" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.3 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.3" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.4 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.4" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.5 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.5" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.6 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.6" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.7 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.7" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 2.0 Search vendor "Mozilla" for product "Firefox" and version "2.0" | - |
Affected
| ||||||
Netscape Search vendor "Netscape" | Navigator Search vendor "Netscape" for product "Navigator" | 8.1.2 Search vendor "Netscape" for product "Navigator" and version "8.1.2" | - |
Affected
|