CVE-2005-0142

Sažetak

Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. content that is managed by helper applications such as PDF.

Reference

http://secunia.com/advisories/19823
http://www.mozilla.org/security/announce/mfsa2005-02.html
http://www.novell.com/linux/security/advisories/2006_04_25.html
http://www.redhat.com/support/errata/RHSA-2005-335.html
http://www.redhat.com/support/errata/RHSA-2005-384.html
https://bugzilla.mozilla.org/show_bug.cgi?id=251297
https://exchange.xforce.ibmcloud.com/vulnerabilities/17832
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100056
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9543

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

11-10-2017 - 01:29

Objavljeno

02-05-2005 - 04:00