Arbitrary File Existence Disclosure Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey

Arbitrary File Existence Disclosure Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey

CVE-2011-0071 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 on Windows allows remote attackers to determine the existence of arbitrary files, and possibly load resources, via vectors involving a resource: URL.

Learn more about our Cis Benchmark Audit For Mozilla Firefox.