CVE-2013-1671

Опубликовано: 14 мая 2013

Источник: redhat

CVSS2: 4.3

Описание

Mozilla Firefox before 21.0 does not properly implement the INPUT element, which allows remote attackers to obtain the full pathname via a crafted web site.

Отчет

This issue does not affect the version of firefox and thunderbird as shipped with Red Hat Enterprise Linux 5 and 6

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	firefox	Not affected
Red Hat Enterprise Linux 5	thunderbird	Not affected
Red Hat Enterprise Linux 6	firefox	Not affected
Red Hat Enterprise Linux 6	thunderbird	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=962597Mozilla: File input control has access to full path (MFSA 2013-43)

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2013-1671

ubuntu

больше 12 лет назад

Mozilla Firefox before 21.0 does not properly implement the INPUT element, which allows remote attackers to obtain the full pathname via a crafted web site.

CVE-2013-1671

nvd

больше 12 лет назад

Mozilla Firefox before 21.0 does not properly implement the INPUT element, which allows remote attackers to obtain the full pathname via a crafted web site.

CVE-2013-1671

debian

больше 12 лет назад

Mozilla Firefox before 21.0 does not properly implement the INPUT elem ...

GHSA-r9m2-q2gr-6g6w

github

больше 3 лет назад

Mozilla Firefox before 21.0 does not properly implement the INPUT element, which allows remote attackers to obtain the full pathname via a crafted web site.

4.3 Medium

CVSS2