CVE-2006-2613 : Mozilla Suite 1.7.13, Mozilla Firefox 1.5.0.3 and possibly other versions before

Mozilla Suite 1.7.13, Mozilla Firefox 1.5.0.3 and possibly other versions before before 1.8.0, and Netscape 7.2 and 8.1, and possibly other versions and products, allows remote user-assisted attackers to obtain information such as the installation path by causing exceptions to be thrown and checking the message contents.

Published 2006-05-26 01:06:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2006-2613

Netscape » Navigator » Version: 7.2
cpe:2.3:a:netscape:navigator:7.2:*:*:*:*:*:*:*
Matching versions
Netscape » Navigator » Version: 8.1
cpe:2.3:a:netscape:navigator:8.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.0.1
cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.0.2
cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.0.3
cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla Suite » Version: 1.7.13
cpe:2.3:a:mozilla:mozilla_suite:1.7.13:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2006-2613

EPSS FAQ

0.94%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 74 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2006-2613

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.3	MEDIUM	AV:N/AC:M/Au:N/C:P/I:N/A:N	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

CWE ids for CVE-2006-2613

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2006-2613

http://securityreason.com/securityalert/960
http://secunia.com/advisories/20255

Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:145

Mandriva

CVEs referencing this url
http://www.mandriva.com/security/advisories?name=MDKSA-2006:143

Mandriva

CVEs referencing this url
https://bugzilla.mozilla.org/attachment.cgi?id=164547

Exploit
http://www.securityfocus.com/archive/1/434696/100/0/threaded
http://secunia.com/advisories/20244

Vendor Advisory
http://secunia.com/advisories/21532

About Secunia Research | Flexera
Vendor Advisory

CVEs referencing this url
http://secunia.com/advisories/20256

Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/26667
https://bugzilla.mozilla.org/show_bug.cgi?id=267645

Patch

Jump to

Vulnerability Details : CVE-2006-2613

Products affected by CVE-2006-2613

Exploit prediction scoring system (EPSS) score for CVE-2006-2613

CVSS scores for CVE-2006-2613

CWE ids for CVE-2006-2613

References for CVE-2006-2613