CVE-2004-1449 — Mozilla vulnerability

3 documents3 sources

Severity

2.6LOWNVD

EPSS

0.3%

top 42.70%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Firebirdsql Firebird Mozilla Mozilla Thunderbird

Timeline

PublishedDec 31

Latest updateApr 29

Description

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7 allows remote attackers to determine the location of files on a user's hard drive by obscuring a file upload control and tricking the user into dragging text into that control.

CVSS vector

AV:N/AC:H/C:P/I:N/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages3 packages

▶NVDmozilla/thunderbird6 versions+5

▶NVDmozilla/mozilla28 versions+27

▶NVDfirebirdsql/firebird0.7

🔴Vulnerability Details

GHSA

GHSA-pg5m-35hf-fg8v: Mozilla before 1↗2022-04-29

▶

CVEList

CVE-2004-1449: Mozilla before 1↗2005-02-13

▶