CVE-2008-4068 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2008-4068 Interim 1 5 2023-12-09T02:08:17Z current 2021-05-30T12:43:53Z 2023-12-09T02:08:17Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2008-4068 Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass "restrictions imposed on local HTML files," and obtain sensitive information and prompt users to write this information into a file, via directory traversal sequences in a resource: URI. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2HED4GVIK6PS6YN3W6DJZJ63F3ESARIV/#2HED4GVIK6PS6YN3W6DJZJ63F3ESARIV E-Mail link for SUSE-SA:2008:050 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LZWA5IC5L2QN74MAY2LDOH57OMCZY4GE/#LZWA5IC5L2QN74MAY2LDOH57OMCZY4GE E-Mail link for openSUSE-SU-2014:1100-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass "restrictions imposed on local HTML files," and obtain sensitive information and prompt users to write this information into a file, via directory traversal sequences in a resource: URI. CVE-2008-4068 important 7.8 AV:N/AC:L/Au:N/C:C/I:N/A:N