CVE-2006-6077

Public Exploit

Description

The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matches the web site for which the user stored a password, which allows remote attackers to obtain passwords via a password INPUT element on a different web page located on the web site intended for this password.

5.0

CVSS

Severity: Medium

CVSS 2.0 •

EPSS 2.39% Top 20%

Vendor Advisory redhat.com Vendor Advisory redhat.com Vendor Advisory gentoo.org Vendor Advisory gentoo.org Vendor Advisory debian.org Vendor Advisory hp.com Vendor Advisory ubuntu.com Vendor Advisory suse.com Vendor Advisory novell.com Vendor Advisory fedoranews.org Vendor Advisory redhat.com Vendor Advisory fedoranews.org Vendor Advisory sgi.com Vendor Advisory mandriva.com Vendor Advisory redhat.com Vendor Advisory sgi.com Vendor Advisory slackware.com Vendor Advisory redhat.com Vendor Advisory secunia.com

Affected: n/a n/a

References

Link	Tags
http://www.redhat.com/support/errata/RHSA-2007-0078.html	vendor advisory
http://www.info-svc.com/news/11-21-2006/rcsr1/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10031	signature vdb entry
http://secunia.com/advisories/24395	third party advisory
http://www.securityfocus.com/archive/1/461336/100/0/threaded	mailing list
http://secunia.com/advisories/24328	third party advisory
http://www.redhat.com/support/errata/RHSA-2007-0108.html	vendor advisory
http://security.gentoo.org/glsa/glsa-200703-04.xml	vendor advisory
http://www.securityfocus.com/archive/1/452440/100/0/threaded	mailing list
http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml	vendor advisory
http://secunia.com/advisories/23046	vendor advisory third party advisory exploit
http://secunia.com/advisories/24384	third party advisory
http://www.securityfocus.com/archive/1/452431/100/0/threaded	mailing list
http://www.securityfocus.com/archive/1/455073/100/0/threaded	mailing list
http://secunia.com/advisories/24457	third party advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/30470	vdb entry
http://secunia.com/advisories/24343	third party advisory
http://www.debian.org/security/2007/dsa-1336	vendor advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742	vendor advisory
http://securitytracker.com/id?1017271	vdb entry exploit
http://www.mozilla.org/security/announce/2007/mfsa2007-02.html
http://www.vupen.com/english/advisories/2007/0718	vdb entry
http://www.securityfocus.com/archive/1/454982/100/0/threaded	mailing list
http://secunia.com/advisories/24650	third party advisory
http://www.ubuntu.com/usn/usn-428-1	vendor advisory
http://secunia.com/advisories/24320	third party advisory
http://secunia.com/advisories/25588	third party advisory
https://issues.rpath.com/browse/RPL-1103
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html	vendor advisory
http://www.securityfocus.com/archive/1/452463/100/0/threaded	mailing list
http://www.securityfocus.com/archive/1/461809/100/0/threaded	mailing list
http://www.novell.com/linux/security/advisories/2007_22_mozilla.html	vendor advisory
http://secunia.com/advisories/24293	third party advisory
http://secunia.com/advisories/24238	third party advisory
http://secunia.com/advisories/24393	third party advisory
http://secunia.com/advisories/24342	third party advisory
http://secunia.com/advisories/24287	third party advisory
http://www.securityfocus.com/archive/1/452382/100/0/threaded	mailing list
http://www.securityfocus.com/archive/1/455148/100/0/threaded	mailing list
http://secunia.com/advisories/23108	third party advisory
http://www.securityfocus.com/bid/21240	vdb entry exploit
https://bugzilla.mozilla.org/show_bug.cgi?id=360493	exploit
http://www.securityfocus.com/bid/22694	vdb entry
http://fedoranews.org/cms/node/2713	vendor advisory
http://www.redhat.com/support/errata/RHSA-2007-0097.html	vendor advisory
http://fedoranews.org/cms/node/2728	vendor advisory
ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc	vendor advisory
http://secunia.com/advisories/24205	third party advisory
https://issues.rpath.com/browse/RPL-1081
http://secunia.com/advisories/24333	third party advisory
http://www.vupen.com/english/advisories/2006/4662	vdb entry
http://www.mandriva.com/security/advisories?name=MDKSA-2007:050	vendor advisory
http://secunia.com/advisories/24290	third party advisory
http://rhn.redhat.com/errata/RHSA-2007-0077.html	vendor advisory
ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc	vendor advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131	vendor advisory
http://www.redhat.com/support/errata/RHSA-2007-0079.html	vendor advisory
http://www.info-svc.com/news/11-21-2006/	exploit
http://secunia.com/advisories/24437	third party advisory

Frequently Asked Questions

What is the severity of CVE-2006-6077?: CVE-2006-6077 has been scored as a medium severity vulnerability.
How to fix CVE-2006-6077?: To fix CVE-2006-6077, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2006-6077 being actively exploited in the wild?: It is possible that CVE-2006-6077 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~2% probability that this vulnerability will be exploited by malicious actors in the next 30 days.