New Search

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2 Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 on Linux allows remote attackers to read arbitrary files via a .. (dot dot) and URL-encoded / (slash) characters in a resource: URI.

oval:org.mitre.oval:def:10770

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2 Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 on Linux allows remote attackers to read arbitrary files via a .. (dot dot) and URL-encoded / (slash) characters in a resource: URI.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 4
  • CentOS Linux 5
  • CentOS Linux 3
  • CentOS Linux 4
  • Red Hat Enterprise Linux 5
  • Oracle Linux 5
  • Red Hat Enterprise Linux 3
  • Oracle Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2008-4067
Product(s):