Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mozilla
Published: 2013-02-19T23:00:00
Updated: 2024-08-06T14:41:47.126Z
Reserved: 2013-01-02T00:00:00
Link: CVE-2013-0774
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2013-02-19T23:55:01.457
Modified: 2020-08-06T16:40:01.707
Link: CVE-2013-0774
Redhat