CVE-2006-6077 : Detail

CVE-2006-6077

8.05%V3
Network
2006-11-24
16h00 +00:00
2018-10-17
18h57 +00:00
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matches the web site for which the user stored a password, which allows remote attackers to obtain passwords via a password INPUT element on a different web page located on the web site intended for this password.

CVE Informations

Metrics

Metrics Score Severity CVSS Vector Source
V2 5 AV:N/AC:L/Au:N/C:P/I:N/A:N [email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Products Mentioned

Configuraton 0

Mozilla>>Firefox >> Version To (including) 1.5.0.8

Mozilla>>Firefox >> Version 1.5

Mozilla>>Firefox >> Version 1.5

Mozilla>>Firefox >> Version 1.5

Mozilla>>Firefox >> Version 1.5.0.1

Mozilla>>Firefox >> Version 1.5.0.2

Mozilla>>Firefox >> Version 1.5.0.3

Mozilla>>Firefox >> Version 1.5.0.4

Mozilla>>Firefox >> Version 1.5.0.5

Mozilla>>Firefox >> Version 1.5.0.6

Mozilla>>Firefox >> Version 1.5.0.7

Mozilla>>Firefox >> Version 2.0

Netscape>>Navigator >> Version 8.1.2

References

http://www.redhat.com/support/errata/RHSA-2007-0078.html
Tags : vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/24395
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24328
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-0108.html
Tags : vendor-advisory, x_refsource_REDHAT
http://security.gentoo.org/glsa/glsa-200703-04.xml
Tags : vendor-advisory, x_refsource_GENTOO
http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml
Tags : vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/23046
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24384
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24457
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24343
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2007/dsa-1336
Tags : vendor-advisory, x_refsource_DEBIAN
http://securitytracker.com/id?1017271
Tags : vdb-entry, x_refsource_SECTRACK
http://www.vupen.com/english/advisories/2007/0718
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/24650
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/usn-428-1
Tags : vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/24320
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/25588
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24293
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24238
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24393
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24342
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24287
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/23108
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/21240
Tags : vdb-entry, x_refsource_BID
http://www.securityfocus.com/bid/22694
Tags : vdb-entry, x_refsource_BID
http://fedoranews.org/cms/node/2713
Tags : vendor-advisory, x_refsource_FEDORA
http://www.redhat.com/support/errata/RHSA-2007-0097.html
Tags : vendor-advisory, x_refsource_REDHAT
http://fedoranews.org/cms/node/2728
Tags : vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/24205
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24333
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/4662
Tags : vdb-entry, x_refsource_VUPEN
http://www.mandriva.com/security/advisories?name=MDKSA-2007:050
Tags : vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/24290
Tags : third-party-advisory, x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2007-0077.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2007-0079.html
Tags : vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/24437
Tags : third-party-advisory, x_refsource_SECUNIA