CVE-2006-1729

Name: CVE-2006-1729
Creator: NVD / NIST
Published: 2006-04-14T10:02:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.23%

Last modified Jun 16, 2026

CVE-2006-1729 is a vulnerability of currently unknown severity. Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.. EPSS estimates a 2.23% chance of exploitation in the next 30 days.

Description

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.

Metrics

EPSS Probability

2.23%

80.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-20

Affected Software

Vendor	Product	Versions
Mozilla	Firefox	>= 1.0, < 1.0.8
Mozilla	Firefox	>= 1.5, < 1.5.0.2
Mozilla	Mozilla Suite	< 1.7.13
Mozilla	Seamonkey	< 1.0.1
Canonical	Ubuntu Linux	4.10
Canonical	Ubuntu Linux	5.04
Canonical	Ubuntu Linux	5.10

References

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txtBroken Link
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.ascBroken Link
http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.htmlBroken Link
http://secunia.com/advisories/19631Third Party Advisory
http://secunia.com/advisories/19649Third Party Advisory
http://secunia.com/advisories/19696Third Party Advisory
http://secunia.com/advisories/19714Third Party Advisory
http://secunia.com/advisories/19721Third Party Advisory
http://secunia.com/advisories/19729Third Party Advisory
http://secunia.com/advisories/19746Third Party Advisory
http://secunia.com/advisories/19759Third Party Advisory
http://secunia.com/advisories/19794Third Party Advisory
http://secunia.com/advisories/19811Third Party Advisory
http://secunia.com/advisories/19852Third Party Advisory
http://secunia.com/advisories/19862Third Party Advisory
http://secunia.com/advisories/19863Third Party Advisory
http://secunia.com/advisories/19902Third Party Advisory
http://secunia.com/advisories/19941Third Party Advisory
http://secunia.com/advisories/21033Third Party Advisory
http://secunia.com/advisories/21622Third Party Advisory
http://secunia.com/advisories/22066Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htmThird Party Advisory
http://www.debian.org/security/2006/dsa-1044Third Party Advisory
http://www.debian.org/security/2006/dsa-1046Third Party Advisory
http://www.debian.org/security/2006/dsa-1051Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-12.xmlThird Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-18.xmlThird Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:075Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:076Third Party Advisory
http://www.mozilla.org/security/announce/2006/mfsa2006-23.htmlVendor Advisory
http://www.novell.com/linux/security/advisories/2006_35_mozilla.htmlBroken Link, Third Party Advisory
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.htmlThird Party Advisory
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.htmlThird Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0328.htmlThird Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0329.htmlThird Party Advisory
http://www.securityfocus.com/archive/1/436296/100/0/threaded
http://www.securityfocus.com/archive/1/436338/100/0/threaded
http://www.securityfocus.com/archive/1/446658/100/200/threaded
http://www.securityfocus.com/bid/17516Third Party Advisory, VDB Entry
http://www.vupen.com/english/advisories/2006/1356Permissions Required, Third Party Advisory
http://www.vupen.com/english/advisories/2006/3391Permissions Required, Third Party Advisory
http://www.vupen.com/english/advisories/2006/3748Permissions Required, Third Party Advisory
http://www.vupen.com/english/advisories/2008/0083Permissions Required, Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/25823Third Party Advisory, VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10922Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1929Third Party Advisory
https://usn.ubuntu.com/271-1/Third Party Advisory
https://usn.ubuntu.com/275-1/Third Party Advisory
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txtBroken Link
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.ascBroken Link
http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.htmlBroken Link
http://secunia.com/advisories/19631Third Party Advisory
http://secunia.com/advisories/19649Third Party Advisory
http://secunia.com/advisories/19696Third Party Advisory
http://secunia.com/advisories/19714Third Party Advisory
http://secunia.com/advisories/19721Third Party Advisory
http://secunia.com/advisories/19729Third Party Advisory
http://secunia.com/advisories/19746Third Party Advisory
http://secunia.com/advisories/19759Third Party Advisory
http://secunia.com/advisories/19794Third Party Advisory
http://secunia.com/advisories/19811Third Party Advisory
http://secunia.com/advisories/19852Third Party Advisory
http://secunia.com/advisories/19862Third Party Advisory
http://secunia.com/advisories/19863Third Party Advisory
http://secunia.com/advisories/19902Third Party Advisory
http://secunia.com/advisories/19941Third Party Advisory
http://secunia.com/advisories/21033Third Party Advisory
http://secunia.com/advisories/21622Third Party Advisory
http://secunia.com/advisories/22066Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htmThird Party Advisory
http://www.debian.org/security/2006/dsa-1044Third Party Advisory
http://www.debian.org/security/2006/dsa-1046Third Party Advisory
http://www.debian.org/security/2006/dsa-1051Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-12.xmlThird Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-18.xmlThird Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:075Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:076Third Party Advisory
http://www.mozilla.org/security/announce/2006/mfsa2006-23.htmlVendor Advisory
http://www.novell.com/linux/security/advisories/2006_35_mozilla.htmlBroken Link, Third Party Advisory
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.htmlThird Party Advisory
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.htmlThird Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0328.htmlThird Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0329.htmlThird Party Advisory
http://www.securityfocus.com/archive/1/436296/100/0/threaded
http://www.securityfocus.com/archive/1/436338/100/0/threaded
http://www.securityfocus.com/archive/1/446658/100/200/threaded
http://www.securityfocus.com/bid/17516Third Party Advisory, VDB Entry
http://www.vupen.com/english/advisories/2006/1356Permissions Required, Third Party Advisory
http://www.vupen.com/english/advisories/2006/3391Permissions Required, Third Party Advisory
http://www.vupen.com/english/advisories/2006/3748Permissions Required, Third Party Advisory
http://www.vupen.com/english/advisories/2008/0083Permissions Required, Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/25823Third Party Advisory, VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10922Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1929Third Party Advisory
https://usn.ubuntu.com/271-1/Third Party Advisory
https://usn.ubuntu.com/275-1/Third Party Advisory

Timeline

Published: Apr 14, 2006
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2006-1729?

How severe is CVE-2006-1729?

Severity scoring for CVE-2006-1729 is pending analysis. The EPSS model estimates a 2.23% probability of exploitation in the next 30 days.

How do I fix CVE-2006-1729?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-1729?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST