Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs with (1) smb: or (2) sftp: schemes that access other files from the server.
References
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2007-10-21 20:17
Updated : 2024-02-04 17:13
NVD link : CVE-2007-5337
Mitre link : CVE-2007-5337
CVE.ORG link : CVE-2007-5337
JSON object : View
Products Affected
gnome
- gnome-vfs
mozilla
- firefox
- seamonkey
linux
- linux_kernel
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor