admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2006/CVE-2006-60xx/CVE-2006-6077.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

308 lines
9.9 KiB
JSON
Raw Blame History

{
"id": "CVE-2006-6077",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-11-24T17:07:00.000",
"lastModified": "2018-10-17T21:46:26.407",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matches the web site for which the user stored a password, which allows remote attackers to obtain passwords via a password INPUT element on a different web page located on the web site intended for this password."
},
{
"lang": "es",
"value": "El (1) Password Manager en Mozilla Firefox 2.0, y 1.5.0.8 y anteriores; y el (2) Passcard Manager en Netscape 8.1.2 y posiblemente otras versiones, no verifican correctamente que una ACTION URL en un elemento FORM contiene una contrase\u00f1a (elemento INPUT) que encaja con el sitio web para lo cual el usuario almacena una contrase\u00f1a, lo cual permite a un atacante remoto obtener contrase\u00f1as a trav\u00e9s de la contrase\u00f1a (elemento INPUT) sobre un p\u00e1gina web diferente localizada sobre un sitio web previsto para esta contrase\u00f1a."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.5.0.8",
"matchCriteriaId": "FD89DF1B-8235-41DE-97C5-A3D039B0C3E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*",
"matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6BF5B1-86D1-47FE-9D9C-735718F94874"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "84D15CE0-69DF-4EFD-801E-96A4D6AABEDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CEE203DE-6C0E-4FDE-9C3A-0E73430F17DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F38886-C25A-4C6B-93E7-36461405BA99"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C65D2670-F37F-48CB-804A-D35BB1C27D9F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8E5194-7B34-4802-BDA6-6A86EB5EDE05"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FABA5F56-99F7-4F8F-9CC1-5B0B2EB72922"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3487FA64-BE04-42CA-861E-3DAC097D7D32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netscape:navigator:8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3523E6B8-3498-4D46-9C8B-31D572263388"
}
]
}
]
}
],
"references": [
{
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc",
"source": "cve@mitre.org"
},
{
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc",
"source": "cve@mitre.org"
},
{
"url": "http://fedoranews.org/cms/node/2713",
"source": "cve@mitre.org"
},
{
"url": "http://fedoranews.org/cms/node/2728",
"source": "cve@mitre.org"
},
{
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742",
"source": "cve@mitre.org"
},
{
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html",
"source": "cve@mitre.org"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html",
"source": "cve@mitre.org"
},
{
"url": "http://security.gentoo.org/glsa/glsa-200703-04.xml",
"source": "cve@mitre.org"
},
{
"url": "http://securitytracker.com/id?1017271",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131",
"source": "cve@mitre.org"
},
{
"url": "http://www.debian.org/security/2007/dsa-1336",
"source": "cve@mitre.org"
},
{
"url": "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml",
"source": "cve@mitre.org"
},
{
"url": "http://www.info-svc.com/news/11-21-2006/",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "http://www.info-svc.com/news/11-21-2006/rcsr1/",
"source": "cve@mitre.org"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050",
"source": "cve@mitre.org"
},
{
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-02.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/452382/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/452431/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/452440/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/452463/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/454982/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/455073/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/455148/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/21240",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "http://www.securityfocus.com/bid/22694",
"source": "cve@mitre.org"
},
{
"url": "http://www.ubuntu.com/usn/usn-428-1",
"source": "cve@mitre.org"
},
{
"url": "http://www.vupen.com/english/advisories/2006/4662",
"source": "cve@mitre.org"
},
{
"url": "http://www.vupen.com/english/advisories/2007/0718",
"source": "cve@mitre.org"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=360493",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30470",
"source": "cve@mitre.org"
},
{
"url": "https://issues.rpath.com/browse/RPL-1081",
"source": "cve@mitre.org"
},
{
"url": "https://issues.rpath.com/browse/RPL-1103",
"source": "cve@mitre.org"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10031",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink