Executive Summary
Summary | |
---|---|
Title | Mozilla products may allow directory traversal |
Informations | |||
---|---|---|---|
Name | VU#309608 | First vendor Publication | 2008-02-11 |
Vendor | VU-CERT | Last vendor Modification | 2008-02-11 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 4.3 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#309608Mozilla products may allow directory traversalOverviewA vulnerability exists in the way Mozilla products with certain extensions handle chrome: URIs that may allow directory traversal.I. DescriptionMozilla extensions are small add-ons that can be integrated with Mozilla products to provide added functionality. Mozilla products contain a vulnerability in the way chrome: URIs are handled when certain browser extentions are installed. According to the Mozilla Foundation Security Advisory 2008-05:the chrome: URI scheme improperly allowed directory traversal that could be used to load JavaScript, images, and stylesheets from local files in known locations. This traversal was possible only when the browser had installed add-ons which used "flat" packaging rather than the more popular .jar packaging, and the attacker would need to target that specific add-on. Mozilla also reports that this vulnerability can be exploited in Mozilla web browsers to obtain cookie data and information about currently opened webpages from the sessionstore.js file. Mozilla has released a partial list of "flat" packaged extentions. II. ImpactA remote, unauthorized attacker may be able to execute code on a vulnerable system or view browser history information.III. SolutionApply an updateAccording to the Mozilla Foundation Security Advisory 2008-05 this vulnerability is addressed in Firefox 2.0.0.12, Thunderbird 2.0.0.12 (unavailable as of 11-Feb-2008) and SeaMonkey 1.1.8.
References
This vulnerability is addressed in Mozilla Foundation Security Advisory 2008-05. Mozilla credits Gerry Eisenhaur for reporting this issue. This document was written by Chris Taschner.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/309608 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10705 | |||
Oval ID: | oval:org.mitre.oval:def:10705 | ||
Title: | Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js. | ||
Description: | Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-0418 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for Mozilla File : nvt/sles9p5021982.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2008:062 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2008_062.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-firefox MDVSA-2008:048 (mozilla-firefox) File : nvt/gb_mandriva_MDVSA_2008_048.nasl |
2009-03-23 | Name : Ubuntu Update for mozilla-thunderbird USN-582-2 File : nvt/gb_ubuntu_USN_582_2.nasl |
2009-03-23 | Name : Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-582-1 File : nvt/gb_ubuntu_USN_582_1.nasl |
2009-03-23 | Name : Ubuntu Update for firefox vulnerabilities USN-576-1 File : nvt/gb_ubuntu_USN_576_1.nasl |
2009-03-06 | Name : RedHat Update for thunderbird RHSA-2008:0105-02 File : nvt/gb_RHSA-2008_0105-02_thunderbird.nasl |
2009-03-06 | Name : RedHat Update for thunderbird RHSA-2008:0105-01 File : nvt/gb_RHSA-2008_0105-01_thunderbird.nasl |
2009-03-06 | Name : RedHat Update for seamonkey RHSA-2008:0104-01 File : nvt/gb_RHSA-2008_0104-01_seamonkey.nasl |
2009-03-06 | Name : RedHat Update for firefox RHSA-2008:0103-01 File : nvt/gb_RHSA-2008_0103-01_firefox.nasl |
2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0105 centos5 i386 File : nvt/gb_CESA-2008_0105_thunderbird_centos5_i386.nasl |
2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0105 centos5 x86_64 File : nvt/gb_CESA-2008_0105_thunderbird_centos5_x86_64.nasl |
2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0105 centos4 x86_64 File : nvt/gb_CESA-2008_0105_thunderbird_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0105 centos4 i386 File : nvt/gb_CESA-2008_0105_thunderbird_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0104 centos4 x86_64 File : nvt/gb_CESA-2008_0104_seamonkey_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0104 centos4 i386 File : nvt/gb_CESA-2008_0104_seamonkey_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0104 centos3 i386 File : nvt/gb_CESA-2008_0104_seamonkey_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0103 centos3 i386 File : nvt/gb_CESA-2008_0103_firefox_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0103 centos3 x86_64 File : nvt/gb_CESA-2008_0103_firefox_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0103 centos4 i386 File : nvt/gb_CESA-2008_0103_firefox_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0103 centos4 x86_64 File : nvt/gb_CESA-2008_0103_firefox_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0104 centos3 x86_64 File : nvt/gb_CESA-2008_0104_seamonkey_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0103 centos5 i386 File : nvt/gb_CESA-2008_0103_firefox_centos5_i386.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0103 centos5 x86_64 File : nvt/gb_CESA-2008_0103_firefox_centos5_x86_64.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0104-01 centos2 i386 File : nvt/gb_CESA-2008_0104-01_seamonkey_centos2_i386.nasl |
2009-02-16 | Name : Fedora Update for chmsee FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_chmsee_fc8.nasl |
2009-02-16 | Name : Fedora Update for devhelp FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_devhelp_fc8.nasl |
2009-02-16 | Name : Fedora Update for epiphany-extensions FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_epiphany-extensions_fc8.nasl |
2009-02-16 | Name : Fedora Update for epiphany FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_epiphany_fc8.nasl |
2009-02-16 | Name : Fedora Update for firefox FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_firefox_fc8.nasl |
2009-02-16 | Name : Fedora Update for galeon FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_galeon_fc8.nasl |
2009-02-16 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_gnome-python2-extras_fc8.nasl |
2009-02-16 | Name : Fedora Update for gnome-web-photo FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_gnome-web-photo_fc8.nasl |
2009-02-16 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_gtkmozembedmm_fc8.nasl |
2009-02-16 | Name : Fedora Update for kazehakase FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_kazehakase_fc8.nasl |
2009-02-16 | Name : Fedora Update for liferea FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_liferea_fc8.nasl |
2009-02-16 | Name : Fedora Update for openvrml FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_openvrml_fc8.nasl |
2009-02-16 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_ruby-gnome2_fc8.nasl |
2009-02-16 | Name : Fedora Update for yelp FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_yelp_fc8.nasl |
2009-02-16 | Name : Fedora Update for seamonkey FEDORA-2008-1669 File : nvt/gb_fedora_2008_1669_seamonkey_fc7.nasl |
2009-02-16 | Name : Fedora Update for thunderbird FEDORA-2008-2060 File : nvt/gb_fedora_2008_2060_thunderbird_fc8.nasl |
2009-02-16 | Name : Fedora Update for thunderbird FEDORA-2008-2118 File : nvt/gb_fedora_2008_2118_thunderbird_fc7.nasl |
2009-02-16 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_gnome-python2-extras_fc7.nasl |
2009-02-16 | Name : Fedora Update for Miro FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_Miro_fc8.nasl |
2009-02-16 | Name : Fedora Update for Miro FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_Miro_fc7.nasl |
2009-02-16 | Name : Fedora Update for chmsee FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_chmsee_fc7.nasl |
2009-02-16 | Name : Fedora Update for devhelp FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_devhelp_fc7.nasl |
2009-02-16 | Name : Fedora Update for epiphany-extensions FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_epiphany-extensions_fc7.nasl |
2009-02-16 | Name : Fedora Update for epiphany FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_epiphany_fc7.nasl |
2009-02-16 | Name : Fedora Update for firefox FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_firefox_fc7.nasl |
2009-02-16 | Name : Fedora Update for galeon FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_galeon_fc7.nasl |
2009-02-16 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_gtkmozembedmm_fc7.nasl |
2009-02-16 | Name : Fedora Update for kazehakase FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_kazehakase_fc7.nasl |
2009-02-16 | Name : Fedora Update for liferea FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_liferea_fc7.nasl |
2009-02-16 | Name : Fedora Update for openvrml FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_openvrml_fc7.nasl |
2009-02-16 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_ruby-gnome2_fc7.nasl |
2009-02-16 | Name : Fedora Update for yelp FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_yelp_fc7.nasl |
2009-02-16 | Name : Fedora Update for seamonkey FEDORA-2008-1459 File : nvt/gb_fedora_2008_1459_seamonkey_fc8.nasl |
2009-02-16 | Name : Fedora Update for blam FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_blam_fc8.nasl |
2009-01-23 | Name : SuSE Update for MozillaFirefox,seamonkey SUSE-SA:2008:008 File : nvt/gb_suse_2008_008.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200805-18 (mozilla ...) File : nvt/glsa_200805_18.nasl |
2008-09-04 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox31.nasl |
2008-03-27 | Name : Debian Security Advisory DSA 1506-2 (iceape) File : nvt/deb_1506_2.nasl |
2008-03-19 | Name : Debian Security Advisory DSA 1485-2 (icedove) File : nvt/deb_1485_2.nasl |
2008-02-28 | Name : Debian Security Advisory DSA 1506-1 (iceape) File : nvt/deb_1506_1.nasl |
2008-02-15 | Name : Debian Security Advisory DSA 1485-1 (icedove) File : nvt/deb_1485_1.nasl |
2008-02-15 | Name : Debian Security Advisory DSA 1489-1 (iceweasel) File : nvt/deb_1489_1.nasl |
2008-02-15 | Name : Debian Security Advisory DSA 1484-1 (xulrunner) File : nvt/deb_1484_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-061-01 mozilla-thunderbird File : nvt/esoft_slk_ssa_2008_061_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
41187 | Mozilla Firefox chrome: URI Traversal Local Script Inclusion Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0105.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0104.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0103.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-582-2.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20080207_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080207_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080207_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-062.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-048.nasl - Type : ACT_GATHER_INFO |
2008-05-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200805-18.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mozilla-xulrunner-5118.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote openSUSE host is missing a security update. File : suse_mozilla-xulrunner-5123.nasl - Type : ACT_GATHER_INFO |
2008-03-19 | Name : The remote openSUSE host is missing a security update. File : suse_epiphany-5102.nasl - Type : ACT_GATHER_INFO |
2008-03-19 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-5095.nasl - Type : ACT_GATHER_INFO |
2008-03-17 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-5098.nasl - Type : ACT_GATHER_INFO |
2008-03-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-582-1.nasl - Type : ACT_GATHER_INFO |
2008-03-04 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-061-01.nasl - Type : ACT_GATHER_INFO |
2008-02-29 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2118.nasl - Type : ACT_GATHER_INFO |
2008-02-29 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2060.nasl - Type : ACT_GATHER_INFO |
2008-02-27 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_20012.nasl - Type : ACT_GATHER_INFO |
2008-02-25 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_810a5197e0d911dc891a02061b08fc24.nasl - Type : ACT_GATHER_INFO |
2008-02-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1506.nasl - Type : ACT_GATHER_INFO |
2008-02-22 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : netscape_browser_9006.nasl - Type : ACT_GATHER_INFO |
2008-02-18 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-5012.nasl - Type : ACT_GATHER_INFO |
2008-02-18 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-5011.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-5001.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-5002.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1669.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-1535.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1459.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-1435.nasl - Type : ACT_GATHER_INFO |
2008-02-11 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-576-1.nasl - Type : ACT_GATHER_INFO |
2008-02-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0103.nasl - Type : ACT_GATHER_INFO |
2008-02-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0105.nasl - Type : ACT_GATHER_INFO |
2008-02-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0104.nasl - Type : ACT_GATHER_INFO |
2008-02-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0103.nasl - Type : ACT_GATHER_INFO |
2008-02-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1484.nasl - Type : ACT_GATHER_INFO |
2008-02-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0104.nasl - Type : ACT_GATHER_INFO |
2008-02-11 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2008-0105.nasl - Type : ACT_GATHER_INFO |
2008-02-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1489.nasl - Type : ACT_GATHER_INFO |
2008-02-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1485.nasl - Type : ACT_GATHER_INFO |
2008-02-08 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_118.nasl - Type : ACT_GATHER_INFO |
2008-02-08 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_20012.nasl - Type : ACT_GATHER_INFO |