CVE-2008-2933 - Secunia Advisories - Vulnerability Intelligence - Secunia.com

Vulnerability Intelligence

Vulnerability Scanning

Corporate Information

Secunia Advisories

Secunia Research

Binary Analysis

Home > Vulnerability Intelligence > Secunia Advisories > CVE-2008-2933

Secunia Advisories

Advisories by Product

Advisories by Vendor

Historic Advisories

Mailing Lists & RSS

Report Vulnerability

Business Solutions Restricted

Restricted

Partner Solutions Restricted

Restricted

CVE Reference: CVE-2008-2933
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-2933

Description: Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '\|' (pipe) characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations involving a series of URIs that is not entirely handled by a vector application, as exploited in conjunction with CVE-2008-2540. NOTE: this issue exists because of an insufficient fix for CVE-2005-2267.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/43832 UBUNTU http://www.ubuntu.com/usn/usn-623-1 http://www.ubuntu.com/usn/usn-626-1 http://www.ubuntu.com/usn/usn-626-2 ST 1020500 SLACKWARE http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.380974 SAID Secunia Advisory: SA31106 Secunia Advisory: SA31120 Secunia Advisory: SA31121 Secunia Advisory: SA31129 Secunia Advisory: SA31157 Secunia Advisory: SA31145 Secunia Advisory: SA31176 Secunia Advisory: SA31183 Secunia Advisory: SA31270 Secunia Advisory: SA31261 Secunia Advisory: SA31306 Secunia Advisory: SA31377 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0598.html http://www.redhat.com/support/errata/RHSA-2008-0597.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:148 GENTOO http://security.gentoo.org/glsa/glsa-200808-03.xml DEBIAN http://www.debian.org/security/2008/dsa-1615 http://www.debian.org/security/2008/dsa-1614 CONFIRM http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5031400 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0238 http://www.mozilla.org/security/announce/2008/mfsa2008-35.html CERT-VN 130923 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/494860/100/0/threaded BID 30242

Return to the previous page.

Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs | About Secunia
Copyright Secunia 2002-2009