CVE-2006-1736

Description

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to trick users into downloading and saving an executable file via an image that is overlaid by a transparent image link that points to the executable, which causes the executable to be saved when the user clicks the "Save image as..." option. NOTE: this attack is made easier due to a GUI truncation issue that prevents the user from seeing the malicious extension when there is extra whitespace in the filename.

2.6

CVSS

Severity: Low

CVSS 2.0 •

EPSS 1.62% Top 20%

Vendor Advisory ubuntu.com Vendor Advisory securityfocus.com Vendor Advisory gentoo.org Vendor Advisory mandriva.com Vendor Advisory debian.org Vendor Advisory ubuntu.com Vendor Advisory gentoo.org Vendor Advisory sun.com Vendor Advisory suse.com Vendor Advisory sco.com Vendor Advisory sun.com Vendor Advisory mandriva.com Vendor Advisory debian.org Vendor Advisory debian.org

Affected: n/a n/a

References

Link	Tags
https://usn.ubuntu.com/275-1/	vendor advisory
http://secunia.com/advisories/19902	third party advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/25814	vdb entry
http://www.securityfocus.com/archive/1/438730/100/0/threaded	vendor advisory
http://secunia.com/advisories/19941	third party advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml	vendor advisory
http://secunia.com/advisories/21622	third party advisory
http://www.mozilla.org/security/announce/2006/mfsa2006-13.html
http://secunia.com/advisories/19862	third party advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:075	vendor advisory
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
http://www.debian.org/security/2006/dsa-1051	vendor advisory
https://usn.ubuntu.com/271-1/	vendor advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml	vendor advisory
http://secunia.com/advisories/19794	third party advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1548	vdb entry signature
http://secunia.com/advisories/19746	third party advisory
http://secunia.com/advisories/21033	third party advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1	vendor advisory
http://secunia.com/advisories/19759	third party advisory
http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html	vendor advisory
http://www.vupen.com/english/advisories/2006/1356	vdb entry
http://secunia.com/advisories/19863	third party advisory
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt	vendor advisory
http://www.securityfocus.com/bid/17516	vdb entry
http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1	vendor advisory
http://secunia.com/advisories/19852	third party advisory
http://secunia.com/advisories/19721	third party advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=293527
http://secunia.com/advisories/19631	third party advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:076	vendor advisory
http://www.debian.org/security/2006/dsa-1046	vendor advisory
http://www.debian.org/security/2006/dsa-1044	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2006-1736?: CVE-2006-1736 has been scored as a low severity vulnerability.
How to fix CVE-2006-1736?: To fix CVE-2006-1736, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2006-1736 being actively exploited in the wild?: It is possible that CVE-2006-1736 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~2% probability that this vulnerability will be exploited by malicious actors in the next 30 days.