[VU:130923] Mozilla Firefox command line URI handling vulnerability
Severity
Low
CVEs
1
Overview
Mozilla Firefox contains a vulnerability that may allow an attacker to bypass security restrictions by opening specially crafted URIs using the Firefox command line interface.
Impact
A remote attacker may be able to use this vulnerability to bypass security restrictions, or to aid in the exploitation of other vulnerabilities.
Solution
Upgrade
Per Mozilla Foundation Security Advisory 2008-35 this issue has been addressed in Firefox 3.0.1 and Firefox 2.0.0.16.
Acknowledgements
Thanks to Mozilla for information that was used in this report. Mozilla credits Billy Rios for reporting this issue and Ben Turner and Dan Veditz for discovering additional attack vectors.
- ID
- VU:130923
- Severity
- low
- Severity from
- CVE-2008-2933
- URL
- https://kb.cert.org/vuls/id/130923
- Published
-
2008-07-16T15:39:06
(16 years ago) - Modified
-
2008-07-16T18:41:09
(16 years ago) - Rights
- Copyright 2008, CERT Coordination Center (CERT/CC)
- Other Advisories
ELSA-2008-0597
FEDORA-2008-6491
GLSA-200808-03
USN-623-1| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |