[Forgot Password]
Login  Register Subscribe

23631

 
 

126995

 
 

100182

 
 

909

 
 

80298

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2011-0071

Date: (C)2011-05-07   (M)2018-01-09 


Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 on Windows allows remote attackers to determine the existence of arbitrary files, and possibly load resources, via vectors involving a resource: URL.

CVSS Score: 5.0Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 2.9Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: NONE
 Availability: NONE





Reference:
DSA-2227
DSA-2228
DSA-2235
MDVSA-2011:079
MDVSA-2011:080
http://downloads.avaya.com/css/P8/documents/100144158
http://www.mozilla.org/security/announce/2011/mfsa2011-16.html
https://bugzilla.mozilla.org/show_bug.cgi?id=624764

CPE    247
cpe:/a:mozilla:firefox:3.5.17
cpe:/a:mozilla:firefox:3.5.18
cpe:/a:mozilla:firefox:1.5:beta2
cpe:/a:mozilla:firefox:1.5:beta1
...
CWE    1
CWE-22
OVAL    19
oval:org.secpod.oval:def:201463
oval:org.secpod.oval:def:400009
oval:org.secpod.oval:def:500070
oval:org.secpod.oval:def:201473
...

© 2013 SecPod Technologies