CVE-2008-4068

Priority
Medium
Description
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and
3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12
allows remote attackers to bypass "restrictions imposed on local HTML
files," and obtain sensitive information and prompt users to write this
information into a file, via directory traversal sequences in a resource:
URI.
References
Package
Upstream:released (3.0.3)
Ubuntu 8.04 LTS (Hardy Heron):released (3.0.3+build1+nobinonly-0ubuntu0.8.04.1)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Package
Upstream:released (2.0.0.17)
Ubuntu 8.04 LTS (Hardy Heron):released (2.0.0.17+1nobinonly-0ubuntu0.8.04.1)
Ubuntu 10.04 LTS (Lucid Lynx):released (3.0.3+build1+nobinonly-0ubuntu0.8.04.1)
Ubuntu 11.04 (Natty Narwhal):released (3.0.3+build1+nobinonly-0ubuntu0.8.04.1)
Ubuntu 11.10 (Oneiric Ocelot):released (3.0.3+build1+nobinonly-0ubuntu0.8.04.1)
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Package
Upstream:released (1.1.12)
Ubuntu 8.04 LTS (Hardy Heron):released (1.1.12+nobinonly-0ubuntu0.8.04.1)
Ubuntu 10.04 LTS (Lucid Lynx):released (1.1.12+nobinonly-0ubuntu1)
Ubuntu 11.04 (Natty Narwhal):released (1.1.12+nobinonly-0ubuntu1)
Ubuntu 11.10 (Oneiric Ocelot):released (1.1.12+nobinonly-0ubuntu1)
Package
Upstream:released (2.0.0.17)
Ubuntu 8.04 LTS (Hardy Heron):released (2.0.0.17+nobinonly-0ubuntu0.8.04.1)
Ubuntu 10.04 LTS (Lucid Lynx):released (2.0.0.17+nobinonly-0ubuntu1)
Ubuntu 11.04 (Natty Narwhal):released (2.0.0.17+nobinonly-0ubuntu1)
Ubuntu 11.10 (Oneiric Ocelot):released (2.0.0.17+nobinonly-0ubuntu1)
Package
Upstream:released (1.9.0.3)
Ubuntu 8.04 LTS (Hardy Heron):released (1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.04.1)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:19:04 UTC (commit 5347)