Vulnerabilities > CVE-2006-3731 - Denial-Of-Service vulnerability in Firefox

047910
CVSS 2.6 - LOW
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
high complexity
mozilla

Summary

Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted attackers to cause a denial of service (crash) via a form with a multipart/form-data encoding and a user-uploaded file. NOTE: a third party has claimed that this issue might be related to the LiveHTTPHeaders extension.

Statements

contributorMark J Cox
lastmodified2006-08-30
organizationRed Hat
statementWe do not consider a user-assisted crash of a client application such as Firefox to be a security issue.