CVE - CVE-2006-6506

CVE-ID
CVE-2006-6506	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The "Feed Preview" feature in Mozilla Firefox 2.0 before 2.0.0.1 sends the URL of the feed when requesting favicon.ico icons, which results in a privacy leak that might allow feed viewing services to determine browsing habits.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:21668 URL:http://www.securityfocus.com/bid/21668 CERT:TA06-354A URL:http://www.us-cert.gov/cas/techalerts/TA06-354A.html CONFIRM:http://www.mozilla.org/security/announce/2006/mfsa2006-75.html GENTOO:GLSA-200701-02 URL:http://security.gentoo.org/glsa/glsa-200701-02.xml HP:HPSBUX02153 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 HP:SSRT061181 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 MISC:http://www.legroom.net/modules.php?op=modload&name=News&file=article&sid=215 SECTRACK:1017421 URL:http://securitytracker.com/id?1017421 SECUNIA:23282 URL:http://secunia.com/advisories/23282 SECUNIA:23545 URL:http://secunia.com/advisories/23545 SECUNIA:23589 URL:http://secunia.com/advisories/23589 SECUNIA:23614 URL:http://secunia.com/advisories/23614 SECUNIA:23672 URL:http://secunia.com/advisories/23672 SUSE:SUSE-SA:2006:080 URL:http://www.novell.com/linux/security/advisories/2006_80_mozilla.html SUSE:SUSE-SA:2007:006 URL:http://www.novell.com/linux/security/advisories/2007_06_mozilla.html UBUNTU:USN-398-1 URL:http://www.ubuntu.com/usn/usn-398-1 VUPEN:ADV-2006-5068 URL:~~http://www.vupen.com/english/advisories/2006/5068~~ (Obsolete source) VUPEN:ADV-2008-0083 URL:~~http://www.vupen.com/english/advisories/2008/0083~~ (Obsolete source)
Assigning CNA
Red Hat, Inc.
Date Record Created
20061213	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20061213)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)