Описание
Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button.
Ссылки
- PatchVendor Advisory
- Patch
- Patch
- Patch
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
- Patch
- Patch
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:preview_release:*:*:*:*:*:*:*
EPSS
Процентиль: 73%
0.00783
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
больше 20 лет назад
Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitr ...
github
больше 3 лет назад
Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button.
EPSS
Процентиль: 73%
0.00783
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other