Bug 194511 (CVE-2006-2894) - CVE-2006-2894 arbitrary file read vulnerability
Summary: CVE-2006-2894 arbitrary file read vulnerability
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: CVE-2006-2894
Product: Fedora
Classification: Fedora
Component: seamonkey
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Kai Engert (:kaie) (inactive account)
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: FE6Target
TreeView+ depends on / blocked
 
Reported: 2006-06-08 16:53 UTC by Ville Skyttä
Modified: 2018-04-11 09:01 UTC (History)
5 users (show)

Fixed In Version: seamonkey-1.1.6-1.fc8
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-11-09 12:19:36 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Mozilla Foundation 258875 None None None Never

Description Ville Skyttä 2006-06-08 16:53:32 UTC
Arbitrary file read vulnerability in <= 1.0.2:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2894

Comment 1 Kai Engert (:kaie) (inactive account) 2006-06-16 18:03:59 UTC
update to seamonkey 1.0.2 has been made available

Comment 2 Ville Skyttä 2006-06-17 10:57:15 UTC
See initial comment, this is reportedly a vulnerability in 1.0.2 and earlier.

Comment 3 Ville Skyttä 2006-08-07 19:56:04 UTC
I did not find a reference to this CVE in Mozilla advisories, assuming still
vulnerable in 1.0.4.  Kai, could you investigate?

Comment 5 Kai Engert (:kaie) (inactive account) 2006-08-10 19:05:42 UTC
I believe this issue is still open.


Comment 6 Jason Tibbitts 2006-12-24 02:41:33 UTC
Does anyone know if this has been fixed in the interim?

Comment 7 Andrew Schultz 2007-01-22 02:05:37 UTC
A fix for this is in Mozilla trunk (SeaMonkey 1.5) in bug 258875, but never made
it to the 1.8 branch

Comment 8 Kai Engert (:kaie) (inactive account) 2007-02-02 19:26:14 UTC
Adding reference to Mozilla bug.

Looks like nobody is working on backporting the fix to the branch.


Comment 9 Matěj Cepl 2007-07-18 17:28:20 UTC
Fedora Core 5 is no longer supported, could you please reproduce this with the
updated version of the currently supported distribution (Fedora Core 6, or
Fedora 7, or Rawhide)? If this issue turns out to still be reproducible, please
let us know in this bug report.  If after a month's time we have not heard back
from you, we will have to close this bug as CANTFIX.

Setting status to NEEDINFO, and awaiting information from the reporter.

Thanks in advance.


Comment 10 Matěj Cepl 2007-08-28 14:36:30 UTC
We haven't got any reply to the last question about reproducability of the bug
with Fedora Core 6, Fedora 7, or Fedora devel. Mass closing this bug, so if you
have new information that would help us fix this bug, please reopen it with the
additional information.

Comment 11 Lubomir Kundrak 2007-11-02 17:31:52 UTC
Matej: Please never close bugs with "Security" keyword unless you are condfident
they are fixed.

The sample exploit from https://bugzilla.mozilla.org/show_bug.cgi?id=258875
works with seamonkey-1.1.3-8.fc8, though the upstream bug was recently closed.

Comment 12 Lubomir Kundrak 2007-11-09 12:19:36 UTC
Fixed with seamonkey-1.1.6-1.fc8


Note You need to log in before you can comment on or make changes to this bug.