CVE-2006-1942
Micah Anderson
micah at debian.org
Sun Apr 23 14:46:31 UTC 2006
Thanks for your hard work in getting all these CVE's wrapped up
for upload, I'll mark the debian security tracker appropriately.
I noticed one new CVE that has perhaps appeared since you put
these together, CVE-2006-1942 which applies to 1.5.0.2.
The short description is:
Mozilla Firefox 1.5.0.2 allows user-complicit remote attackers to
open local files via a web page with an IMG element containing
a SRC attribute with a non-image file:// URL, then tricking the user
into selecting View Image for the broken image.
Is this on your radar for this upload?
thanks,
micah
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-mozilla-maintainers/attachments/20060423/baa08ae8/attachment.pgp
More information about the pkg-mozilla-maintainers
mailing list