CVE-2008-0418

Priority
Low
Description
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12,
Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat"
addons, allows remote attackers to read arbitrary Javascript, image, and
stylesheet files via the chrome: URI scheme, as demonstrated by stealing
session information from sessionstore.js.
References
Package
Upstream:not-affected (1.1.8)
Package
Upstream:released (2.0.0.12)
Package
Upstream:needs-triage
Package
Upstream:released
Package
Upstream:released (2.0.0.12)
Package
Upstream:needs-triage
Package
Upstream:released (1.8.1.13)
Package
Upstream:needs-triage
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:31:51 UTC (commit 9756)