CVE ID:	CVE-2008-4068
Description:	Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass "restrictions imposed on local HTML files," and obtain sensitive information and prompt users to write this information into a file, via directory traversal sequences in a resource: URI.
Test IDs:	1.3.6.1.4.1.25623.1.0.63143   1.3.6.1.4.1.25623.1.0.61770   1.3.6.1.4.1.25623.1.0.61907
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4068 1020921 http://www.securitytracker.com/id?1020921 256408 http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 31346 http://www.securityfocus.com/bid/31346 31984 http://secunia.com/advisories/31984 31985 http://secunia.com/advisories/31985 31987 http://secunia.com/advisories/31987 32007 http://secunia.com/advisories/32007 32010 http://secunia.com/advisories/32010 32011 http://secunia.com/advisories/32011 32012 http://secunia.com/advisories/32012 32025 http://secunia.com/advisories/32025 32042 http://secunia.com/advisories/32042 32044 http://secunia.com/advisories/32044 32082 http://secunia.com/advisories/32082 32089 http://secunia.com/advisories/32089 32092 http://secunia.com/advisories/32092 32095 http://secunia.com/advisories/32095 32096 http://secunia.com/advisories/32096 32144 http://secunia.com/advisories/32144 32185 http://secunia.com/advisories/32185 32196 http://secunia.com/advisories/32196 32845 http://secunia.com/advisories/32845 33433 http://secunia.com/advisories/33433 33434 http://secunia.com/advisories/33434 34501 http://secunia.com/advisories/34501 ADV-2008-2661 http://www.vupen.com/english/advisories/2008/2661 ADV-2009-0977 http://www.vupen.com/english/advisories/2009/0977 DSA-1649 http://www.debian.org/security/2008/dsa-1649 DSA-1669 http://www.debian.org/security/2008/dsa-1669 DSA-1696 http://www.debian.org/security/2009/dsa-1696 DSA-1697 http://www.debian.org/security/2009/dsa-1697 FEDORA-2008-8401 https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html FEDORA-2008-8425 https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html FEDORA-2008-8429 https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html MDVSA-2008:205 http://www.mandriva.com/security/advisories?name=MDVSA-2008:205 MDVSA-2008:206 http://www.mandriva.com/security/advisories?name=MDVSA-2008:206 RHSA-2008:0879 http://www.redhat.com/support/errata/RHSA-2008-0879.html RHSA-2008:0882 http://www.redhat.com/support/errata/RHSA-2008-0882.html RHSA-2008:0908 http://www.redhat.com/support/errata/RHSA-2008-0908.html SSA:2008-269-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232 SSA:2008-269-02 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422 SSA:2008-270-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123 SUSE-SA:2008:050 http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html USN-645-1 http://www.ubuntu.com/usn/usn-645-1 USN-645-2 http://www.ubuntu.com/usn/usn-645-2 USN-647-1 http://www.ubuntu.com/usn/usn-647-1 http://download.novell.com/Download?buildid=WZXONb-tqBw~ http://download.novell.com/Download?buildid=WZXONb-tqBw~ http://www.mozilla.org/security/announce/2008/mfsa2008-44.html http://www.mozilla.org/security/announce/2008/mfsa2008-44.html mozilla-resourceprotocol-info-disclosure(45360) https://exchange.xforce.ibmcloud.com/vulnerabilities/45360 oval:org.mitre.oval:def:11471 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11471