CVE-2008-0418

Priority
Low
Description
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12,
Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat"
addons, allows remote attackers to read arbitrary Javascript, image, and
stylesheet files via the chrome: URI scheme, as demonstrated by stealing
session information from sessionstore.js.
References
Package
Upstream:not-affected (1.1.8)
Ubuntu 8.04 LTS (Hardy Heron):not-affected
Package
Upstream:released (2.0.0.12)
Ubuntu 8.04 LTS (Hardy Heron):released (2.0.0.12+2nobinonly+2-0ubuntu3)
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Upstream:released
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Upstream:released (2.0.0.12)
Ubuntu 8.04 LTS (Hardy Heron):released (2.0.0.12+nobinonly-0ubuntu1)
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Upstream:released (1.8.1.13)
Ubuntu 8.04 LTS (Hardy Heron):released (1.8.1.13+nobinonly-0ubuntu1)
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:18:33 UTC (commit 5347)