CVE-2004-2225

Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:preview_release:*:*:*:*:*:*:*

History

No history.

Information

Published : 2004-12-31 05:00

Updated : 2023-12-10 10:17


NVD link : CVE-2004-2225

Mitre link : CVE-2004-2225

CVE.ORG link : CVE-2004-2225


JSON object : View

Products Affected

mozilla

  • firefox