Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2008-0418
Description:Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js.
Test IDs: 1.3.6.1.4.1.25623.1.0.60473   1.3.6.1.4.1.25623.1.0.60342   1.3.6.1.4.1.25623.1.0.60335   1.3.6.1.4.1.25623.1.0.60336   1.3.6.1.4.1.25623.1.0.60362   1.3.6.1.4.1.25623.1.0.60363   1.3.6.1.4.1.25623.1.0.60364   1.3.6.1.4.1.25623.1.0.60536   1.3.6.1.4.1.25623.1.0.60575   1.3.6.1.4.1.25623.1.0.60357  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2008-0418
BugTraq ID: 27406
http://www.securityfocus.com/bid/27406
Bugtraq: 20080209 rPSA-2008-0051-1 firefox (Google Search)
http://www.securityfocus.com/archive/1/487826/100/0/threaded
Bugtraq: 20080212 FLEA-2008-0001-1 firefox (Google Search)
http://www.securityfocus.com/archive/1/488002/100/0/threaded
Bugtraq: 20080229 rPSA-2008-0093-1 thunderbird (Google Search)
http://www.securityfocus.com/archive/1/488971/100/0/threaded
CERT/CC vulnerability note: VU#309608
http://www.kb.cert.org/vuls/id/309608
Debian Security Information: DSA-1484 (Google Search)
http://www.debian.org/security/2008/dsa-1484
Debian Security Information: DSA-1485 (Google Search)
http://www.debian.org/security/2008/dsa-1485
Debian Security Information: DSA-1489 (Google Search)
http://www.debian.org/security/2008/dsa-1489
Debian Security Information: DSA-1506 (Google Search)
http://www.debian.org/security/2008/dsa-1506
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00274.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00309.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00381.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00905.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00946.html
http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:048
http://www.mandriva.com/security/advisories?name=MDVSA-2008:062
http://www.hiredhacker.com/2008/01/19/firefox-chrome-url-handling-directory-traversal/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10705
RedHat Security Advisories: RHSA-2008:0103
http://www.redhat.com/support/errata/RHSA-2008-0103.html
RedHat Security Advisories: RHSA-2008:0104
http://www.redhat.com/support/errata/RHSA-2008-0104.html
RedHat Security Advisories: RHSA-2008:0105
http://www.redhat.com/support/errata/RHSA-2008-0105.html
http://www.securitytracker.com/id?1019329
http://secunia.com/advisories/28622/
http://secunia.com/advisories/28754
http://secunia.com/advisories/28766
http://secunia.com/advisories/28808
http://secunia.com/advisories/28815
http://secunia.com/advisories/28818
http://secunia.com/advisories/28839
http://secunia.com/advisories/28864
http://secunia.com/advisories/28865
http://secunia.com/advisories/28877
http://secunia.com/advisories/28879
http://secunia.com/advisories/28924
http://secunia.com/advisories/28939
http://secunia.com/advisories/28958
http://secunia.com/advisories/29049
http://secunia.com/advisories/29086
http://secunia.com/advisories/29098
http://secunia.com/advisories/29164
http://secunia.com/advisories/29167
http://secunia.com/advisories/29211
http://secunia.com/advisories/29567
http://secunia.com/advisories/30327
http://secunia.com/advisories/30620
http://secunia.com/advisories/31043
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.445399
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239546-1
SuSE Security Announcement: SUSE-SA:2008:008 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00006.html
http://www.ubuntu.com/usn/usn-576-1
http://www.ubuntu.com/usn/usn-582-1
http://www.ubuntu.com/usn/usn-582-2
http://www.vupen.com/english/advisories/2008/0263
http://www.vupen.com/english/advisories/2008/0453/references
http://www.vupen.com/english/advisories/2008/0454/references
http://www.vupen.com/english/advisories/2008/0627/references
http://www.vupen.com/english/advisories/2008/1793/references
http://www.vupen.com/english/advisories/2008/2091/references




© 1998-2021 E-Soft Inc. All rights reserved.