CVE-2008-4068 Information

Feb 14, 2021 cve

Description

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2 Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to bypass \restrictions imposed on local HTML files\ and obtain sensitive information and prompt users to write this information into a file via directory traversal sequences in a resource: URI.

Reference

http://download.novell.com/Download?buildid=WZXONb-tqBw~ http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html http://secunia.com/advisories/31984 http://secunia.com/advisories/31985 http://secunia.com/advisories/31987 http://secunia.com/advisories/32007 http://secunia.com/advisories/32010 http://secunia.com/advisories/32011 http://secunia.com/advisories/32012 http://secunia.com/advisories/32025 http://secunia.com/advisories/32042 http://secunia.com/advisories/32044 http://secunia.com/advisories/32082 http://secunia.com/advisories/32089 http://secunia.com/advisories/32092 http://secunia.com/advisories/32095 http://secunia.com/advisories/32096 http://secunia.com/advisories/32144 http://secunia.com/advisories/32185 http://secunia.com/advisories/32196 http://secunia.com/advisories/32845 http://secunia.com/advisories/33433 http://secunia.com/advisories/33434 http://secunia.com/advisories/34501 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123 http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 http://www.debian.org/security/2008/dsa-1649 http://www.debian.org/security/2008/dsa-1669 http://www.debian.org/security/2009/dsa-1696 http://www.debian.org/security/2009/dsa-1697 http://www.mandriva.com/security/advisories?name=MDVSA-2008:205 http://www.mandriva.com/security/advisories?name=MDVSA-2008:206 http://www.mozilla.org/security/announce/2008/mfsa2008-44.html http://www.redhat.com/support/errata/RHSA-2008-0879.html http://www.redhat.com/support/errata/RHSA-2008-0882.html http://www.redhat.com/support/errata/RHSA-2008-0908.html http://www.securityfocus.com/bid/31346 http://www.securitytracker.com/id?1020921 http://www.ubuntu.com/usn/usn-645-1 http://www.ubuntu.com/usn/usn-645-2 http://www.ubuntu.com/usn/usn-647-1 http://www.vupen.com/english/advisories/2008/2661 http://www.vupen.com/english/advisories/2009/0977 https://exchange.xforce.ibmcloud.com/vulnerabilities/45360 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11471 https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html

Share on: