CVE-2008-0418
published 2008-02-08CVE-2008-0418: Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows…
PriorityP426medium4.3CVSS 2.0
AVNACMAuNCPINAN
EXPLOIT
EPSS
8.63%
94.4th percentile
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mozilla | firefox | <= 2.0.0.11 | — |
| mozilla | seamonkey | <= 1.1.7 | — |
| mozilla | thunderbird | <= 2.0.0.11 | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
vendor_ubuntu9.3CRITICAL
vendor_redhat4.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Thunderbird regression
vendor_ubuntu·2008-03-06·CVSS 7.5
[HIGH] Thunderbird regression
Title: Thunderbird regression
Summary: Thunderbird regression
USN-582-1 fixed several vulnerabilities in Thunderbird. The upstream
fixes were incomplete, and after performing certain actions Thunderbird
would crash due to memory errors. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that Thunderbird did not properly set the size of a
buffer when parsing an external-body MIME-type. If a user were to open
a specially crafted email, an attacker could cause a denial of service
via application crash or possibly execute arbitrary code as the user.
(CVE-2008-0304)
Various flaws were discovered in Thunderbird and its JavaScript
engine. By tricking a user into opening a malicious message, an
attacker could execute arbitrary code
Ubuntu
Thunderbird vulnerabilities
vendor_ubuntu·2008-02-29·CVSS 7.5
CVE-2008-0304 [HIGH] Thunderbird vulnerabilities
Title: Thunderbird vulnerabilities
Summary: Thunderbird vulnerabilities
It was discovered that Thunderbird did not properly set the size of a
buffer when parsing an external-body MIME-type. If a user were to open
a specially crafted email, an attacker could cause a denial of service
via application crash or possibly execute arbitrary code as the user.
(CVE-2008-0304)
Various flaws were discovered in Thunderbird and its JavaScript
engine. By tricking a user into opening a malicious message, an
attacker could execute arbitrary code with the user's privileges.
(CVE-2008-0412, CVE-2008-0413)
Various flaws were discovered in the JavaScript engine. By tricking
a user into opening a malicious message, an attacker could escalate
privileges within Thunderbird, perform cross-site scripting attac
Ubuntu
Firefox vulnerabilities
vendor_ubuntu·2008-02-08·CVSS 9.3
CVE-2008-0412 [CRITICAL] Firefox vulnerabilities
Title: Firefox vulnerabilities
Summary: Firefox vulnerabilities
Various flaws were discovered in the browser and JavaScript engine.
By tricking a user into opening a malicious web page, an attacker
could execute arbitrary code with the user's privileges.
(CVE-2008-0412, CVE-2008-0413)
Flaws were discovered in the file upload form control. A malicious
website could force arbitrary files from the user's computer to be
uploaded without consent. (CVE-2008-0414)
Various flaws were discovered in the JavaScript engine. By tricking
a user into opening a malicious web page, an attacker could escalate
privileges within the browser, perform cross-site scripting attacks
and/or execute arbitrary code with the user's privileges. (CVE-2008-0415)
Various flaws were discovered in character encoding ha
Red Hat
chrome: directory traversal
vendor_redhat·2008-02-07·CVSS 4.3
CVE-2008-0418 [MEDIUM] chrome: directory traversal
chrome: directory traversal
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js.
GHSA
GHSA-2rxc-55rq-5r4c: Directory traversal vulnerability in Mozilla Firefox before 2
ghsa_unreviewed·2022-05-01
CVE-2008-0418 [MEDIUM] CWE-22 GHSA-2rxc-55rq-5r4c: Directory traversal vulnerability in Mozilla Firefox before 2
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js.
No detection rules found.
http://browser.netscape.com/releasenotes/http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00006.htmlhttp://secunia.com/advisories/28622/http://secunia.com/advisories/28754http://secunia.com/advisories/28766http://secunia.com/advisories/28808http://secunia.com/advisories/28815http://secunia.com/advisories/28818http://secunia.com/advisories/28839http://secunia.com/advisories/28864http://secunia.com/advisories/28865http://secunia.com/advisories/28877http://secunia.com/advisories/28879http://secunia.com/advisories/28924http://secunia.com/advisories/28939http://secunia.com/advisories/28958http://secunia.com/advisories/29049http://secunia.com/advisories/29086http://secunia.com/advisories/29098http://secunia.com/advisories/29164http://secunia.com/advisories/29167http://secunia.com/advisories/29211http://secunia.com/advisories/29567http://secunia.com/advisories/30327http://secunia.com/advisories/30620http://secunia.com/advisories/31043http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.445399http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1http://sunsolve.sun.com/search/document.do?assetkey=1-26-239546-1http://support.novell.com/techcenter/psdb/6251b18e050302ebe7fe74294b55c818.htmlhttp://wiki.rpath.com/Advisories:rPSA-2008-0051http://wiki.rpath.com/Advisories:rPSA-2008-0093http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0093http://www.debian.org/security/2008/dsa-1484http://www.debian.org/security/2008/dsa-1485http://www.debian.org/security/2008/dsa-1489http://www.debian.org/security/2008/dsa-1506http://www.gentoo.org/security/en/glsa/glsa-200805-18.xmlhttp://www.hiredhacker.com/2008/01/19/firefox-chrome-url-handling-directory-traversal/http://www.kb.cert.org/vuls/id/309608http://www.mandriva.com/security/advisories?name=MDVSA-2008:048http://www.mandriva.com/security/advisories?name=MDVSA-2008:062http://www.mozilla.org/security/announce/2008/mfsa2008-05.htmlhttp://www.redhat.com/support/errata/RHSA-2008-0103.htmlhttp://www.redhat.com/support/errata/RHSA-2008-0104.htmlhttp://www.redhat.com/support/errata/RHSA-2008-0105.htmlhttp://www.securityfocus.com/archive/1/487826/100/0/threadedhttp://www.securityfocus.com/archive/1/488002/100/0/threadedhttp://www.securityfocus.com/archive/1/488971/100/0/threadedhttp://www.securityfocus.com/bid/27406http://www.securitytracker.com/id?1019329http://www.ubuntu.com/usn/usn-576-1http://www.ubuntu.com/usn/usn-582-1http://www.ubuntu.com/usn/usn-582-2http://www.vupen.com/english/advisories/2008/0263http://www.vupen.com/english/advisories/2008/0453/referenceshttp://www.vupen.com/english/advisories/2008/0454/referenceshttp://www.vupen.com/english/advisories/2008/0627/referenceshttp://www.vupen.com/english/advisories/2008/1793/referenceshttp://www.vupen.com/english/advisories/2008/2091/referenceshttps://issues.rpath.com/browse/RPL-1995https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10705https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00274.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-February/msg00309.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-February/msg00381.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-February/msg00905.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-February/msg00946.htmlhttp://browser.netscape.com/releasenotes/http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00006.htmlhttp://secunia.com/advisories/28622/http://secunia.com/advisories/28754http://secunia.com/advisories/28766http://secunia.com/advisories/28808http://secunia.com/advisories/28815http://secunia.com/advisories/28818http://secunia.com/advisories/28839http://secunia.com/advisories/28864http://secunia.com/advisories/28865http://secunia.com/advisories/28877http://secunia.com/advisories/28879http://secunia.com/advisories/28924http://secunia.com/advisories/28939http://secunia.com/advisories/28958http://secunia.com/advisories/29049http://secunia.com/advisories/29086http://secunia.com/advisories/29098http://secunia.com/advisories/29164http://secunia.com/advisories/29167http://secunia.com/advisories/29211http://secunia.com/advisories/29567http://secunia.com/advisories/30327http://secunia.com/advisories/30620http://secunia.com/advisories/31043http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.445399http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1http://sunsolve.sun.com/search/document.do?assetkey=1-26-239546-1http://support.novell.com/techcenter/psdb/6251b18e050302ebe7fe74294b55c818.htmlhttp://wiki.rpath.com/Advisories:rPSA-2008-0051http://wiki.rpath.com/Advisories:rPSA-2008-0093http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0093
+ 34 more references
2008-02-08
Published