Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 on Linux allows remote attackers to read arbitrary files via a .. (dot dot) and URL-encoded / (slash) characters in a resource: URI.
- http://www.redhat.com/support/errata/RHSA-2008-0879.html
- http://www.ubuntu.com/usn/usn-645-1
- http://www.ubuntu.com/usn/usn-645-2
- http://www.ubuntu.com/usn/usn-647-1
No PoCs found on GitHub currently.