Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2009-0355

components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element.

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.securitytra...
MISC: http://www.securityfoc...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.vupen.com/e...
MISC: https://www.redhat.com...
MISC: https://www.redhat.com...
MISC: https://www.redhat.com...
MISC: http://www.mandriva.co...
MISC: http://rhn.redhat.com/...
MISC: http://www.redhat.com/...
MISC: http://www.redhat.com/...
MISC: http://lists.opensuse....
MISC: http://www.ubuntu.com/...
MISC: http://www.ubuntu.com/...
MISC: http://support.avaya.c...
MISC: http://www.mozilla.org...
MISC: https://bugzilla.mozil...
MISC: https://oval.cisecurit...

Launchpad.net

CVE 2009-0355

Related bugs

References