CVE-2006-6077

Priority
Untriaged
Description
The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier;
and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions,
do not properly verify that an ACTION URL in a FORM element containing a
password INPUT element matches the web site for which the user stored a
password, which allows remote attackers to obtain passwords via a password
INPUT element on a different web page located on the web site intended for
this password.
References
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:28:39 UTC (commit 9756)