Description
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary JavaScript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Gerry Eisenhaur · text · remote · linux
https://www.exploit-db.com/exploits/31051
References (67)
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0104.html
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-582-2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1019329
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-576-1
Various Sources x_refsource_confirm
http://browser.netscape.com/releasenotes/
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28939
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2008/dsa-1506
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/309608
Vendor Advisory vendor-advisory
x_refsource_slackware
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.445399
Issue Tracking x_refsource_confirm
https://issues.rpath.com/browse/RPL-1995
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00946.html
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00905.html
Third Party Advisory x_refsource_confirm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0093
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28766
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28622/
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28818
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/30620
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28865
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29049
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0453/references
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0103.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28877
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28879
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-582-1
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29167
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29567
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0105.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28958
Vendor Advisory x_refsource_confirm
http://support.novell.com/techcenter/psdb/6251b18e050302ebe7fe74294b55c818.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/30327
Vendor Advisory vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/488971/100/0/threaded
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2008/dsa-1489
Various Sources x_refsource_confirm
http://www.mozilla.org/security/announce/2008/mfsa2008-05.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/488002/100/0/threaded
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/487826/100/0/threaded
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29086
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28815
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0454/references
Vendor Advisory vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239546-1
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28864
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2008/dsa-1485
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28924
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1793/references
Third Party Advisory x_refsource_confirm
http://wiki.rpath.com/Advisories:rPSA-2008-0093
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2091/references
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00006.html
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00309.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29164
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29211
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00381.html
Third Party Advisory x_refsource_confirm
http://wiki.rpath.com/Advisories:rPSA-2008-0051
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2008:062
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2008/dsa-1484
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28808
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0263
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10705
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0627/references
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28754
Various Sources x_refsource_misc
http://www.hiredhacker.com/2008/01/19/firefox-chrome-url-handling-directory-traversal/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/27406
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00274.html
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2008:048
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/31043
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29098
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28839
Scores
EPSS
0.3866
EPSS Percentile
97.3%
Details
CWE
CWE-22
Status
published
Products (3)
mozilla/firefox
< 2.0.0.11
mozilla/seamonkey
< 1.1.7
mozilla/thunderbird
< 2.0.0.11
Published
Feb 08, 2008
Tracked Since
Feb 18, 2026