First published: Wed Sep 24 2008(Updated: )
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 on Linux allows remote attackers to read arbitrary files via a .. (dot dot) and URL-encoded / (slash) characters in a resource: URI.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Debian Debian Linux | =4.0 | |
Canonical Ubuntu Linux | =6.06 | |
Canonical Ubuntu Linux | =7.04 | |
Canonical Ubuntu Linux | =7.10 | |
Canonical Ubuntu Linux | =8.04 | |
Mozilla Firefox | <2.0.0.17 | |
Mozilla Firefox | >=3.0<3.0.2 | |
Mozilla SeaMonkey | <1.1.12 | |
Mozilla Thunderbird | <2.0.0.17 | |
Linux Linux kernel |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.