Bug 194511 - (CVE-2006-2894) CVE-2006-2894 arbitrary file read vulnerability
CVE-2006-2894 arbitrary file read vulnerability
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: seamonkey (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Kai Engert (:kaie) (on vacation)
Fedora Extras Quality Assurance
: Reopened, Security
Depends On:
Blocks: FE6Target
  Show dependency treegraph
 
Reported: 2006-06-08 12:53 EDT by Ville Skyttä
Modified: 2007-11-30 17:11 EST (History)
4 users (show)

See Also:
Fixed In Version: seamonkey-1.1.6-1.fc8
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-11-09 07:19:36 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Mozilla Foundation 258875 None None None Never

  None (edit)
Description Ville Skyttä 2006-06-08 12:53:32 EDT
Arbitrary file read vulnerability in <= 1.0.2:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2894
Comment 1 Kai Engert (:kaie) (on vacation) 2006-06-16 14:03:59 EDT
update to seamonkey 1.0.2 has been made available
Comment 2 Ville Skyttä 2006-06-17 06:57:15 EDT
See initial comment, this is reportedly a vulnerability in 1.0.2 and earlier.
Comment 3 Ville Skyttä 2006-08-07 15:56:04 EDT
I did not find a reference to this CVE in Mozilla advisories, assuming still
vulnerable in 1.0.4.  Kai, could you investigate?
Comment 5 Kai Engert (:kaie) (on vacation) 2006-08-10 15:05:42 EDT
I believe this issue is still open.
Comment 6 Jason Tibbitts 2006-12-23 21:41:33 EST
Does anyone know if this has been fixed in the interim?
Comment 7 Andrew Schultz 2007-01-21 21:05:37 EST
A fix for this is in Mozilla trunk (SeaMonkey 1.5) in bug 258875, but never made
it to the 1.8 branch
Comment 8 Kai Engert (:kaie) (on vacation) 2007-02-02 14:26:14 EST
Adding reference to Mozilla bug.

Looks like nobody is working on backporting the fix to the branch.
Comment 9 Matěj Cepl 2007-07-18 13:28:20 EDT
Fedora Core 5 is no longer supported, could you please reproduce this with the
updated version of the currently supported distribution (Fedora Core 6, or
Fedora 7, or Rawhide)? If this issue turns out to still be reproducible, please
let us know in this bug report.  If after a month's time we have not heard back
from you, we will have to close this bug as CANTFIX.

Setting status to NEEDINFO, and awaiting information from the reporter.

Thanks in advance.
Comment 10 Matěj Cepl 2007-08-28 10:36:30 EDT
We haven't got any reply to the last question about reproducability of the bug
with Fedora Core 6, Fedora 7, or Fedora devel. Mass closing this bug, so if you
have new information that would help us fix this bug, please reopen it with the
additional information.
Comment 11 Lubomir Kundrak 2007-11-02 13:31:52 EDT
Matej: Please never close bugs with "Security" keyword unless you are condfident
they are fixed.

The sample exploit from https://bugzilla.mozilla.org/show_bug.cgi?id=258875
works with seamonkey-1.1.3-8.fc8, though the upstream bug was recently closed.
Comment 12 Lubomir Kundrak 2007-11-09 07:19:36 EST
Fixed with seamonkey-1.1.6-1.fc8

Note You need to log in before you can comment on or make changes to this bug.