CVE-2006-3731

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions 1.5.0.4 and earlier

Description The issue allows remote user-assisted attackers to cause a denial of service, resulting in a crash, by submitting a form with a multipart/form-data encoding and a user-uploaded file. It has been suggested by a third party that this issue might be related to the LiveHTTPHeaders extension.

Recommendations For Mozilla Firefox versions 1.5.0.4 and earlier, consider disabling the handling of multipart/form-data encodings for user-uploaded files as a temporary workaround until a fix is available. Restrict access to user-uploaded files to minimize the risk of exploitation.