Symlink Attack Vulnerability in Firefox and Mozilla Suite

Symlink Attack Vulnerability in Firefox and Mozilla Suite

CVE-2005-0578 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:N/A:P

Firefox before 1.0.1 and Mozilla Suite before 1.7.6 use a predictable filename for the plugin temporary directory, which allows local users to delete arbitrary files of other users via a symlink attack on the plugtmp directory.

Learn more about our User Device Pen Test.