Description
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on
Linux systems with gnome-vfs support, might allow remote attackers to read
arbitrary files on SSH/sftp servers that accept key authentication by
creating a web page on the target server, in which the web page contains
URIs with (1) smb: or (2) sftp: schemes that access other files from the
server.
Package
Upstream: | released
(2.0.0.8)
|
Package
Upstream: | released
(2.0.0.8)
|
Updated: 2019-12-05 20:45:37 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)