Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.1
CVSSv2

CVE-2007-3072

Published: 06/06/2007 Updated: 16/10/2018
CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6
VMScore: 632
Vector: AV:N/AC:M/Au:N/C:C/I:N/A:N
Subscribe to Firefox

Vulnerability Summary

Directory traversal vulnerability in Mozilla Firefox prior to 2.0.0.4 on Windows allows remote malicious users to read arbitrary files via ..%5C (dot dot encoded backslash) sequences in a resource:// URI.

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla firefox 2.0.0.2

mozilla firefox 2.0.0.3

mozilla firefox 2.0

mozilla firefox 2.0.0.1

References

CWE-22http://ha.ckers.org/blog/20070516/read-firefox-settings-poc/http://ha.ckers.org/blog/20070516/read-firefox-settings-poc/#comment-35888http://larholm.com/2007/05/25/firefox-0day-local-file-reading/http://larholm.com/2007/06/04/unpatched-input-validation-flaw-in-firefox-2004/https://bugzilla.mozilla.org/show_bug.cgi?id=367428http://secunia.com/advisories/25481http://osvdb.org/35922http://www.securityfocus.com/archive/1/470500/100/0/threadedhttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000CVE-2024-4439unauthorizedCVE-2024-0042CVE-2024-31848CVE-2023-40694cache poisoningCVE-2024-23707firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook