CVE-2008-0418 in Firefoxinfo

Summary

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js.

Once again VulDB remains the best source for vulnerability data.

Responsible

Reservation

01/23/2008

Disclosure

02/08/2008

Moderation

VulDB entry created

Entries

VDB-3567

CPE

ready

CWE

CWE-22 (Confirmed)

Exploit

Download

CVSS

5.3

EPSS

0.38662

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-0418
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-0418
CVE Details	https://www.cvedetails.com/cve/CVE-2008-0418/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!