VYPR
Unrated severityNVD Advisory· Published Apr 20, 2006· Updated Jun 16, 2026

CVE-2006-1942

CVE-2006-1942

Description

Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then tricking the user into selecting View Image for the broken image, as demonstrated using a .wma file to launch Windows Media Player, or by referencing an "alternate web page."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:a:k-meleon_project:k-meleon:0.9.13:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:k-meleon_project:k-meleon:0.9.13:*:*:*:*:*:*:*
    • (no CPE)range: 0.9.13
  • cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
    • (no CPE)range: >=1.5.0.2 <1.5.0.4
  • cpe:2.3:a:netscape:navigator:7.2:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:netscape:navigator:7.2:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:navigator:8.0.40:*:*:*:*:*:*:*
    • cpe:2.3:a:netscape:navigator:8.1:*:*:*:*:*:*:*
  • Range: 8.1, 8.0.4, 7.2

Patches

Vulnerability mechanics

References

28

News mentions

0

No linked articles in our index yet.