Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs with (1) smb: or (2) sftp: schemes that access other files from the server.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2007-10-21T20:00:00
Updated: 2024-08-07T15:24:42.535Z
Reserved: 2007-10-10T00:00:00
Link: CVE-2007-5337
Vulnrichment
No data.
NVD
Status : Modified
Published: 2007-10-21T20:17:00.000
Modified: 2018-10-15T21:43:03.463
Link: CVE-2007-5337
Redhat