Vulnerability Description
components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mozilla | Firefox | <= 3.0.5 |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00001.html
- http://rhn.redhat.com/errata/RHSA-2009-0256.html
- http://secunia.com/advisories/33799 (Vendor Advisory)
- http://secunia.com/advisories/33808 (Vendor Advisory)
- http://secunia.com/advisories/33809 (Vendor Advisory)
- http://secunia.com/advisories/33816 (Vendor Advisory)
- http://secunia.com/advisories/33831 (Vendor Advisory)
- http://secunia.com/advisories/33841 (Vendor Advisory)
- http://secunia.com/advisories/33846 (Vendor Advisory)
- http://secunia.com/advisories/33869 (Vendor Advisory)
- http://secunia.com/advisories/34324 (Vendor Advisory)
- http://secunia.com/advisories/34417 (Vendor Advisory)
- http://support.avaya.com/elmodocs2/security/ASA-2009-040.htm
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:044
- http://www.mozilla.org/security/announce/2009/mfsa2009-03.html (Vendor Advisory)
FAQ
What is CVE-2009-0355?
CVE-2009-0355 is a vulnerability with a CVSS score of 5.4 (MEDIUM). components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attacker...
How severe is CVE-2009-0355?
CVE-2009-0355 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2009-0355?
Check the references section above for vendor advisories and patch information. Affected products include: Mozilla Firefox.