CVE-2011-0071
Published: 4 May 2011
Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 on Windows allows remote attackers to determine the existence of arbitrary files, and possibly load resources, via vectors involving a resource: URL.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
firefox Launchpad, Ubuntu, Debian |
dapper |
Ignored
(reached end-of-life)
|
| hardy |
Ignored
(uses system xulrunner)
|
|
| lucid |
Released
(3.6.17+build3+nobinonly-0ubuntu0.10.04.1)
|
|
| maverick |
Released
(3.6.17+build3+nobinonly-0ubuntu0.10.10.1)
|
|
| natty |
Not vulnerable
(4.0+nobinonly-0ubuntu3)
|
|
| oneiric |
Not vulnerable
(5.0~b2+build1+nobinonly-0ubuntu2)
|
|
| precise |
Not vulnerable
(5.0~b2+build1+nobinonly-0ubuntu2)
|
|
| quantal |
Not vulnerable
(5.0~b2+build1+nobinonly-0ubuntu2)
|
|
| raring |
Not vulnerable
(5.0~b2+build1+nobinonly-0ubuntu2)
|
|
| saucy |
Not vulnerable
(5.0~b2+build1+nobinonly-0ubuntu2)
|
|
| upstream |
Released
(3.6.17)
|
|
|
firefox-3.0 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Released
(3.6.17+build3+nobinonly-0ubuntu0.8.04.1)
|
|
| lucid |
Does not exist
|
|
| maverick |
Does not exist
|
|
| natty |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| raring |
Does not exist
|
|
| saucy |
Does not exist
|
|
| upstream |
Released
(3.6.17)
|
|
|
firefox-3.5 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Does not exist
|
|
| karmic |
Released
(3.6.17+build3+nobinonly-0ubuntu0.9.10.1)
|
|
| lucid |
Does not exist
|
|
| maverick |
Does not exist
|
|
| natty |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| raring |
Does not exist
|
|
| saucy |
Does not exist
|
|
| upstream |
Released
(3.6.17)
|
|
|
seamonkey Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Ignored
(reached end-of-life)
|
|
| lucid |
Ignored
(reached end-of-life)
|
|
| maverick |
Ignored
(reached end-of-life)
|
|
| natty |
Ignored
(reached end-of-life)
|
|
| oneiric |
Ignored
(reached end-of-life)
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| raring |
Does not exist
|
|
| saucy |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
thunderbird Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Ignored
(reached end-of-life)
|
|
| lucid |
Released
(3.1.10+build1+nobinonly-0ubuntu0.10.04.1)
|
|
| maverick |
Released
(3.1.10+build1+nobinonly-0ubuntu0.10.10.1)
|
|
| natty |
Released
(3.1.10+build1+nobinonly-0ubuntu0.11.04.1)
|
|
| oneiric |
Not vulnerable
|
|
| precise |
Not vulnerable
|
|
| quantal |
Not vulnerable
|
|
| raring |
Not vulnerable
|
|
| saucy |
Not vulnerable
|
|
| upstream |
Needs triage
|
|
|
xulrunner-1.9.2 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Released
(1.9.2.17+build3+nobinonly-0ubuntu0.8.04.1)
|
|
| karmic |
Released
(1.9.2.17+build3+nobinonly-0ubuntu0.9.10.1)
|
|
| lucid |
Released
(1.9.2.17+build3+nobinonly-0ubuntu0.10.04.1)
|
|
| maverick |
Released
(1.9.2.17+build3+nobinonly-0ubuntu0.10.10.1)
|
|
| natty |
Released
(1.9.2.17+build3+nobinonly-0ubuntu1)
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| raring |
Does not exist
|
|
| saucy |
Does not exist
|
|
| upstream |
Released
(1.9.2.17)
|