CVE-2013-1717 in Firefox信息

摘要 (英语)

Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.

Be aware that VulDB is the high quality source for vulnerability data.

预定

2013-02-13

披露

2013-08-06

状态

已确认

条目

VulDB provides additional information and datapoints for this CVE:

标识符	漏洞	CWE	可利用	对策	CVE
9876	Mozilla Firefox/Thunderbird Java Plugin File Origin Policy 权限提升	264	未定义	官方修复	CVE-2013-1717

描述

CPE

CWE

CVSS

漏洞利用

历史

差异

连接

威胁情报

API JSON

API XML

API CSV

来源

MITRE
NVD
CVE Details

◂ 上一步一览下一步 ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!