CVE-2008-4067 Information

Description

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 on Linux allows remote attackers to read arbitrary files via .. (dot dot) sequences and URL-encoded / (slash) characters in a resource: URI.

Reference

http://download.novell.com/Download?buildid=WZXONb-tqBw~
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html
http://secunia.com/advisories/31984
http://secunia.com/advisories/31985
http://secunia.com/advisories/31987
http://secunia.com/advisories/32007
http://secunia.com/advisories/32010
http://secunia.com/advisories/32011
http://secunia.com/advisories/32012
http://secunia.com/advisories/32025
http://secunia.com/advisories/32042
http://secunia.com/advisories/32044
http://secunia.com/advisories/32082
http://secunia.com/advisories/32089
http://secunia.com/advisories/32092
http://secunia.com/advisories/32095
http://secunia.com/advisories/32096
http://secunia.com/advisories/32144
http://secunia.com/advisories/32185
http://secunia.com/advisories/32196
http://secunia.com/advisories/32845
http://secunia.com/advisories/33433
http://secunia.com/advisories/33434
http://secunia.com/advisories/34501
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
http://www.0x000000.com/?i=422
http://www.debian.org/security/2008/dsa-1649
http://www.debian.org/security/2008/dsa-1669
http://www.debian.org/security/2009/dsa-1696
http://www.debian.org/security/2009/dsa-1697
http://www.mandriva.com/security/advisories?name=MDVSA-2008:205
http://www.mandriva.com/security/advisories?name=MDVSA-2008:206
http://www.mozilla.org/security/announce/2008/mfsa2008-44.html
http://www.redhat.com/support/errata/RHSA-2008-0879.html
http://www.redhat.com/support/errata/RHSA-2008-0882.html
http://www.redhat.com/support/errata/RHSA-2008-0908.html
http://www.securityfocus.com/bid/31346
http://www.securitytracker.com/id?1020921
http://www.ubuntu.com/usn/usn-645-1
http://www.ubuntu.com/usn/usn-645-2
http://www.ubuntu.com/usn/usn-647-1
http://www.vupen.com/english/advisories/2008/2661
http://www.vupen.com/english/advisories/2009/0977
https://bugzilla.mozilla.org/show_bug.cgi?id=380994
https://bugzilla.mozilla.org/show_bug.cgi?id=394075
https://exchange.xforce.ibmcloud.com/vulnerabilities/45359
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10770
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html
