JavaScript Worker Directory Name Disclosure Vulnerability

JavaScript Worker Directory Name Disclosure Vulnerability

CVE-2013-0774 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors.

Learn more about our Web Application Penetration Testing UK.