|Date: (C)2008-09-24 (M)2017-11-18|| |
Directory traversal vulnerability in Mozilla Firefox before 184.108.40.206 and 3.x before 3.0.2, Thunderbird before 220.127.116.11, and SeaMonkey before 1.1.12 allows remote attackers to bypass "restrictions imposed on local HTML files," and obtain sensitive information and prompt users to write this information into a file, via directory traversal sequences in a resource: URI.
|CVSS Score: 7.8||Access Vector: NETWORK|
|Exploit Score: 10.0||Access Complexity: LOW|
|Impact Score: 6.9||Authentication: NONE|
| ||Confidentiality: COMPLETE|
| ||Integrity: NONE|
| ||Availability: NONE|