|Date: (C)2008-09-24 (M)2017-11-18|| |
Directory traversal vulnerability in Mozilla Firefox before 22.214.171.124 and 3.x before 3.0.2, Thunderbird before 126.96.36.199, and SeaMonkey before 1.1.12 allows remote attackers to bypass "restrictions imposed on local HTML files," and obtain sensitive information and prompt users to write this information into a file, via directory traversal sequences in a resource: URI.
|CVSS Score: 7.8||Access Vector: NETWORK|
|Exploit Score: 10.0||Access Complexity: LOW|
|Impact Score: 6.9||Authentication: NONE|
| ||Confidentiality: COMPLETE|
| ||Integrity: NONE|
| ||Availability: NONE|