Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2225

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-2225
Last Modified 05 Sep 2008 04:43:32
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2225

Summary

Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button.

Vulnerable Systems

Application

  • Mozilla Firefox 0.10

  • Mozilla Firefox 0.8

  • Mozilla Firefox 0.9

  • Mozilla Firefox 0.9.1

  • Mozilla Firefox 0.9.2

  • Mozilla Firefox 0.9.3

  • Mozilla Firefox Preview Release


References

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=259708

BID - 11311

OSVDB - 10478

SECTRACK - 1011501

SECUNIA - 12708

CONFIRM - http://www.mozilla.org/projects/security/older-vulnerabilities.html#firefox0.10.1


Last Updated: 27 May 2016 10:39:24