National Cyber Awareness System

Vulnerability Summary for CVE-2006-1736

Overview

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to trick users into downloading and saving an executable file via an image that is overlaid by a transparent image link that points to the executable, which causes the executable to be saved when the user clicks the "Save image as..." option. NOTE: this attack is made easier due to a GUI truncation issue that prevents the user from seeing the malicious extension when there is extra whitespace in the filename.

Impact

CVSS Severity (version 2.0 upgrade from v1.0):

CVSS Version 2 Metrics:

Solution

Fixed in: Firefox 1.5 Firefox 1.0.8 SeaMonkey 1.0 Mozilla Suite 1.7.13}

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: MISC

Name: https://bugzilla.mozilla.org/show_bug.cgi?id=293527

Hyperlink:https://bugzilla.mozilla.org/show_bug.cgi?id=293527

External Source: VUPEN

Name: ADV-2006-1356

Hyperlink:http://www.vupen.com/english/advisories/2006/1356

External Source: HP

Name: SSRT061158

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/438730/100/0/threaded

External Source: CONFIRM

Name: http://www.mozilla.org/security/announce/2006/mfsa2006-13.html

Hyperlink:http://www.mozilla.org/security/announce/2006/mfsa2006-13.html

External Source: SUNALERT

Name: 228526

Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1

External Source: XF

Name: mozilla-saveimageas-ext-spoofing(25814)

Hyperlink:http://xforce.iss.net/xforce/xfdb/25814

External Source: UBUNTU

Name: USN-275-1

Hyperlink:http://www.ubuntulinux.org/support/documentation/usn/usn-275-1

External Source: UBUNTU

Name: USN-271-1

Hyperlink:http://www.ubuntulinux.org/support/documentation/usn/usn-271-1

External Source: BID

Name: 17516

Hyperlink:http://www.securityfocus.com/bid/17516

External Source: HP

Name: HPSBUX02122

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/438730/100/0/threaded

External Source: MANDRIVA

Name: MDKSA-2006:076

Hyperlink:http://www.mandriva.com/security/advisories?name=MDKSA-2006:076

External Source: MANDRIVA

Name: MDKSA-2006:075

Hyperlink:http://www.mandriva.com/security/advisories?name=MDKSA-2006:075

External Source: GENTOO

Name: GLSA-200604-18

Hyperlink:http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml

External Source: GENTOO

Name: GLSA-200604-12

Hyperlink:http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml

External Source: DEBIAN

Name: DSA-1051

Hyperlink:http://www.debian.org/security/2006/dsa-1051

External Source: DEBIAN

Name: DSA-1046

Hyperlink:http://www.debian.org/security/2006/dsa-1046

External Source: DEBIAN

Name: DSA-1044

Hyperlink:http://www.debian.org/security/2006/dsa-1044

External Source: CONFIRM

Name: http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm

Hyperlink:http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm

External Source: SUNALERT

Name: 102550

Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1

External Source: SECUNIA

Name: 21622

Hyperlink:http://secunia.com/advisories/21622

External Source: SECUNIA

Name: 21033

Hyperlink:http://secunia.com/advisories/21033

External Source: SECUNIA

Name: 19941

Hyperlink:http://secunia.com/advisories/19941

External Source: SECUNIA

Name: 19902

Hyperlink:http://secunia.com/advisories/19902

External Source: SECUNIA

Name: 19863

Hyperlink:http://secunia.com/advisories/19863

External Source: SECUNIA

Name: 19862

Hyperlink:http://secunia.com/advisories/19862

External Source: SECUNIA

Name: 19852

Hyperlink:http://secunia.com/advisories/19852

External Source: SECUNIA

Name: 19794

Hyperlink:http://secunia.com/advisories/19794

External Source: SECUNIA

Name: 19759

Hyperlink:http://secunia.com/advisories/19759

External Source: SECUNIA

Name: 19746

Hyperlink:http://secunia.com/advisories/19746

External Source: SECUNIA

Name: 19721

Hyperlink:http://secunia.com/advisories/19721

External Source: SECUNIA

Name: 19631

Hyperlink:http://secunia.com/advisories/19631

External Source: SUSE

Name: SUSE-SA:2006:021

Hyperlink:http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html

External Source: SCO

Name: SCOSA-2006.26

Hyperlink:ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt

US Government Resource: oval:org.mitre.oval:def:1548

Name: oval:org.mitre.oval:def:1548

Type: Tool Signature

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1548

References to Check Content

Identifier:oval:org.mitre.oval:def:1548

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:1548