Your submission was sent successfully! Close

CVE-2007-5337

Published: 21 October 2007

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs with (1) smb: or (2) sftp: schemes that access other files from the server.

Priority

Unknown

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
Upstream
Released (2.0.0.8)
mozilla-thunderbird
Launchpad, Ubuntu, Debian
Upstream Needs triage

thunderbird
Launchpad, Ubuntu, Debian
Upstream
Released (2.0.0.8)