194511 – (CVE-2006-2894) CVE-2006-2894 arbitrary file read vulnerability

Bug 194511 (CVE-2006-2894) - CVE-2006-2894 arbitrary file read vulnerability

Summary: CVE-2006-2894 arbitrary file read vulnerability

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	CVE-2006-2894
Product:	Fedora
Classification:	Fedora
Component:	seamonkey
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Kai Engert (:kaie) (inactive account)
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	FE6Target
TreeView+	depends on / blocked

Reported:	2006-06-08 16:53 UTC by Ville Skyttä
Modified:	2018-04-11 09:01 UTC (History)
CC List:	5 users (show)
Fixed In Version:	seamonkey-1.1.6-1.fc8
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2007-11-09 12:19:36 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Mozilla Foundation	258875	0	None	None	None	Never

Description Ville Skyttä 2006-06-08 16:53:32 UTC

Arbitrary file read vulnerability in <= 1.0.2:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2894

Comment 1 Kai Engert (:kaie) (inactive account) 2006-06-16 18:03:59 UTC

update to seamonkey 1.0.2 has been made available

Comment 2 Ville Skyttä 2006-06-17 10:57:15 UTC

See initial comment, this is reportedly a vulnerability in 1.0.2 and earlier.

Comment 3 Ville Skyttä 2006-08-07 19:56:04 UTC

I did not find a reference to this CVE in Mozilla advisories, assuming still
vulnerable in 1.0.4.  Kai, could you investigate?

Comment 5 Kai Engert (:kaie) (inactive account) 2006-08-10 19:05:42 UTC

I believe this issue is still open.

Comment 6 Jason Tibbitts 2006-12-24 02:41:33 UTC

Does anyone know if this has been fixed in the interim?

Comment 7 Andrew Schultz 2007-01-22 02:05:37 UTC

A fix for this is in Mozilla trunk (SeaMonkey 1.5) in bug 258875, but never made
it to the 1.8 branch

Comment 8 Kai Engert (:kaie) (inactive account) 2007-02-02 19:26:14 UTC

Adding reference to Mozilla bug.

Looks like nobody is working on backporting the fix to the branch.

Comment 9 Matěj Cepl 2007-07-18 17:28:20 UTC

Fedora Core 5 is no longer supported, could you please reproduce this with the
updated version of the currently supported distribution (Fedora Core 6, or
Fedora 7, or Rawhide)? If this issue turns out to still be reproducible, please
let us know in this bug report.  If after a month's time we have not heard back
from you, we will have to close this bug as CANTFIX.

Setting status to NEEDINFO, and awaiting information from the reporter.

Thanks in advance.

Comment 10 Matěj Cepl 2007-08-28 14:36:30 UTC

We haven't got any reply to the last question about reproducability of the bug
with Fedora Core 6, Fedora 7, or Fedora devel. Mass closing this bug, so if you
have new information that would help us fix this bug, please reopen it with the
additional information.

Comment 11 Lubomir Kundrak 2007-11-02 17:31:52 UTC

Matej: Please never close bugs with "Security" keyword unless you are condfident
they are fixed.

The sample exploit from https://bugzilla.mozilla.org/show_bug.cgi?id=258875
works with seamonkey-1.1.3-8.fc8, though the upstream bug was recently closed.

Comment 12 Lubomir Kundrak 2007-11-09 12:19:36 UTC

Fixed with seamonkey-1.1.6-1.fc8

Note You need to log in before you can comment on or make changes to this bug.