CVE-2008-2933

Priority
Description
Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|'
(pipe) characters in a command-line URI as requests to open multiple tabs,
which allows remote attackers to access chrome:i URIs, or read arbitrary
local files via manipulations involving a series of URIs that is not
entirely handled by a vector application, as exploited in conjunction with
CVE-2008-2540. NOTE: this issue exists because of an insufficient fix for
CVE-2005-2267.
Package
Upstream:released (3.0.1)
Package
Upstream:released (3.0.1)
Package
Upstream:not-affected
Package
Upstream:not-affected
Package
Upstream:released (3.0.1)
Package
Upstream:not-affected
Package
Upstream:not-affected
Package
Upstream:not-affected
Package
Upstream:not-affected
Package
Upstream:not-affected
More Information

Updated: 2019-01-14 21:45:38 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)