Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-z23q-ts2f-17a3
Summary
Normally Mozilla-based clients prevent web content from linking to local files
but Eric Foley reports a partial bypass of this restriction by using Windows
filename syntax (on a Windows computer) rather than a file:/// URL as the
SRC= attribute. The image will not be loaded on the web page--it will appear as
a broken image--but if a user can be convinced to right-click and select
"View Image" then the content will be loaded. Since the image will replace
the current document attacker script cannot be run on it. Loading a local
file at a known location is about the extent of this attack.If the local file is a media file an external helper program may be launched
to play the media depending on your settings. The action will be the same
as if you had clicked on a remote link of the same media type and does not
present any additional risk. Local files identified as executable will
never be opened in this way, with "executable" broadly
defined on windows to include many scriptable document formats with a history
of being abused.By referencing a local device rather than a file this could be used
as a limited denial-of-service attack to hang the browser.
Aliases
0
alias CVE-2006-1942
Fixed_packages
0
url pkg:deb/debian/firefox@1.5.dfsg%2B1.5.0.4-1?distro=sid
purl pkg:deb/debian/firefox@1.5.dfsg%2B1.5.0.4-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@1.5.dfsg%252B1.5.0.4-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
4
url pkg:deb/debian/firefox@150.0.1-1?distro=sid
purl pkg:deb/debian/firefox@150.0.1-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid
5
url pkg:deb/debian/firefox@150.0.2-1?distro=sid
purl pkg:deb/debian/firefox@150.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid
6
url pkg:deb/debian/firefox@150.0.3-1?distro=sid
purl pkg:deb/debian/firefox@150.0.3-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid
7
url pkg:deb/debian/thunderbird@0?distro=trixie
purl pkg:deb/debian/thunderbird@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@0%3Fdistro=trixie
8
url pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie
purl pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3a6f-173h-fqbz
2
vulnerability VCID-3kv6-c148-nkhq
3
vulnerability VCID-4e49-6tg2-e7d9
4
vulnerability VCID-59d3-343b-e3aw
5
vulnerability VCID-61r1-arbe-dke4
6
vulnerability VCID-7jt2-zr49-7ye5
7
vulnerability VCID-95et-ezmb-buau
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-pszh-x9gd-xyg4
21
vulnerability VCID-q689-wneh-hbdq
22
vulnerability VCID-q8qp-5szp-mfe8
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-ufku-v5vq-4yef
26
vulnerability VCID-w98r-yagc-kkec
27
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie
9
url pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1?distro=trixie
purl pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3a6f-173h-fqbz
1
vulnerability VCID-4e49-6tg2-e7d9
2
vulnerability VCID-pszh-x9gd-xyg4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1%3Fdistro=trixie
10
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3a6f-173h-fqbz
1
vulnerability VCID-4e49-6tg2-e7d9
2
vulnerability VCID-pszh-x9gd-xyg4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie
11
url pkg:deb/debian/thunderbird@1:140.9.0esr-1?distro=trixie
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1%3Fdistro=trixie
12
url pkg:deb/debian/thunderbird@1:140.9.1esr-1?distro=trixie
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1%3Fdistro=trixie
13
url pkg:deb/debian/thunderbird@1:140.10.0esr-1?distro=trixie
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1%3Fdistro=trixie
14
url pkg:deb/debian/thunderbird@1:140.10.1esr-1?distro=trixie
purl pkg:deb/debian/thunderbird@1:140.10.1esr-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3a6f-173h-fqbz
1
vulnerability VCID-4e49-6tg2-e7d9
2
vulnerability VCID-pszh-x9gd-xyg4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1%3Fdistro=trixie
15
url pkg:deb/debian/thunderbird@1:140.10.2esr-1?distro=trixie
purl pkg:deb/debian/thunderbird@1:140.10.2esr-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.2esr-1%3Fdistro=trixie
16
url pkg:mozilla/SeaMonkey@1.0.2
purl pkg:mozilla/SeaMonkey@1.0.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.0.2
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-1942
reference_id
reference_type
scores
0
value 0.0294
scoring_system epss
scoring_elements 0.86577
published_at 2026-05-14T12:55:00Z
1
value 0.0294
scoring_system epss
scoring_elements 0.86371
published_at 2026-04-01T12:55:00Z
2
value 0.0294
scoring_system epss
scoring_elements 0.86381
published_at 2026-04-02T12:55:00Z
3
value 0.0294
scoring_system epss
scoring_elements 0.86398
published_at 2026-04-04T12:55:00Z
4
value 0.0294
scoring_system epss
scoring_elements 0.864
published_at 2026-04-07T12:55:00Z
5
value 0.0294
scoring_system epss
scoring_elements 0.86419
published_at 2026-04-08T12:55:00Z
6
value 0.0294
scoring_system epss
scoring_elements 0.86429
published_at 2026-04-09T12:55:00Z
7
value 0.0294
scoring_system epss
scoring_elements 0.86443
published_at 2026-04-11T12:55:00Z
8
value 0.0294
scoring_system epss
scoring_elements 0.86442
published_at 2026-04-12T12:55:00Z
9
value 0.0294
scoring_system epss
scoring_elements 0.86436
published_at 2026-04-13T12:55:00Z
10
value 0.0294
scoring_system epss
scoring_elements 0.86453
published_at 2026-04-16T12:55:00Z
11
value 0.0294
scoring_system epss
scoring_elements 0.86457
published_at 2026-04-18T12:55:00Z
12
value 0.0294
scoring_system epss
scoring_elements 0.86451
published_at 2026-04-21T12:55:00Z
13
value 0.0294
scoring_system epss
scoring_elements 0.8647
published_at 2026-04-24T12:55:00Z
14
value 0.0294
scoring_system epss
scoring_elements 0.8648
published_at 2026-04-26T12:55:00Z
15
value 0.0294
scoring_system epss
scoring_elements 0.86478
published_at 2026-04-29T12:55:00Z
16
value 0.0294
scoring_system epss
scoring_elements 0.86498
published_at 2026-05-05T12:55:00Z
17
value 0.0294
scoring_system epss
scoring_elements 0.86517
published_at 2026-05-07T12:55:00Z
18
value 0.0294
scoring_system epss
scoring_elements 0.86535
published_at 2026-05-09T12:55:00Z
19
value 0.0294
scoring_system epss
scoring_elements 0.86531
published_at 2026-05-11T12:55:00Z
20
value 0.0294
scoring_system epss
scoring_elements 0.86543
published_at 2026-05-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-1942
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1942
reference_id CVE-2006-1942
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1942
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2006-39
reference_id mfsa2006-39
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2006-39
Weaknesses
Exploits
Severity_range_score0.1 - 3
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-z23q-ts2f-17a3