CVE-2007-3073 — Path Traversal in Mozilla Firefox

2 documents2 sources

Severity

7.8HIGHNVD

EPSS

1.5%

top 18.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox

Timeline

PublishedJun 6

Latest updateMay 1

Description

Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and earlier on Mac OS X and Unix allows remote attackers to read arbitrary files via ..%2F (dot dot encoded slash) sequences in a resource:// URI.

CVSS vector

AV:N/AC:L/C:C/I:N/A:NExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

▶NVDmozilla/firefox2.0.0.4

🔴Vulnerability Details

GHSA

GHSA-c6fg-jhfr-pxqg: Directory traversal vulnerability in Mozilla Firefox 2↗2022-05-01

▶