发布时间 :2004-08-18 00:00:00
修订时间 :2017-10-10 21:29:32

[原文]Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an <input type="file"> tag.

[CNNVD]Mozilla Browser/Firefox未明JavaScript引擎整数溢出漏洞(CNNVD-200408-157)

        Mozilla Browser和Firefox都是非常流行的开放源码WEB浏览器。

- CVSS (基础分值)

CVSS分值: 6.4 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:11153Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an input type="file" tag.

- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  BID  15495
(UNKNOWN)  XF  mozilla-warning-file-upload(16870)

- 漏洞信息

Mozilla Browser/Firefox未明JavaScript引擎整数溢出漏洞
中危 访问验证错误
2004-08-18 00:00:00 2006-04-07 00:00:00
        Mozilla Browser和Firefox都是非常流行的开放源码WEB浏览器。

- 公告与补丁

        * Mozilla Upgrade Firefox 1.0.7

        * Mozilla Upgrade Mozilla 1.7.12

- 漏洞信息

Mozilla Browsers Arbitrary File Upload
Remote / Network Access Other
Loss of Confidentiality
Exploit Public

- 漏洞描述

Mozilla contains a flaw that may allow a malicious user to capture or upload a file from a users machine. The issue is triggered when a user loads a malicious web page which uses a specially crafted javascript. It is possible that the flaw may allow an attacker to retrieve files from known locations without the user being notified, resulting in a loss of confidentiality.

- 时间线

2004-08-03 Unknow
2004-08-03 Unknow

- 解决方案

Upgrade to version 1.7 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): disable javascript functionality.

- 相关参考

- 漏洞作者

- 漏洞信息

Mozilla Browser Input Type HTML Tag Unauthorized Access Vulnerability
Access Validation Error 10874
Yes No
2004-08-05 12:00:00 2009-07-12 06:16:00
The individual responsible for the discovery of this issue is currently unknown; this issue was disclosed in the referenced bugzilla report.

- 受影响的程序版本

SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SGI Advanced Linux Environment 3.0
SCO Unixware 7.1.4
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Desktop 1.0
S.u.S.E. Linux 8.1
RedHat Linux 9.0 i386
RedHat Linux 7.3 i686
RedHat Linux 7.3 i386
RedHat Linux 7.3
Red Hat Fedora Core1
Mozilla Browser 1.7 rc3
Mozilla Browser 1.7
Avaya Network Routing
Mozilla Browser 1.7.2
Mozilla Browser 1.7.1

- 不受影响的程序版本

Mozilla Browser 1.7.2
Mozilla Browser 1.7.1

- 漏洞讨论

Mozilla browser is reportedly affected by an input type HTML tag unauthorized access vulnerability. This issue is due to an access validation error that allows access to arbitrary files on an unsuspecting user's system.

This issue will allow an attacker to obtain arbitrary files residing on the computer of an unsuspecting user that activates a malicious script.

- 漏洞利用

No exploit is required to leverage this issue.

- 解决方案

SCO has released an advisory SCOSA-2005.25 including updated packages to address this issue. Please see the referenced advisory for more information.

Avaya has released an advisory that acknowledges this vulnerability for Avaya products. Fixes are not currently available; customers are advised to contact the vendor for further details regarding fix availability. Please see the referenced Avaya advisory at the following location for further details:

Red Hat has released advisory RHSA-2004:421-17 and fixes to address this issue on Red Hat Linux Enterprise platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisory for additional information.

The vendor has released an upgrade dealing with this issue.

Slackware has released an advisory (SSA:2004-223-01) to address this issue. Please see the referenced advisory for more information.

SGI has made available Patch 10095, correcting this vulnerability for systems running SGI Advanced Linux Environment 3:

Patch 10095 is available from and

The individual RPMs from Patch 10095 are available from:

SuSE Linux has released advisory SUSE-SA:2004:036 along with fixes dealing with this issue. Please see the referenced advisory for more information.

Conectiva has released an advisory (CLA-2004:877) to address various issues including this in Mozilla. This advisory contains updated Mozilla packages (1.7.3) for Conectiva Linux 9 and 10. Please see the referenced advisory for more information.

The Fedora Legacy project has released advisory FLSA-2004:2089 along with fixes to address multiple issues in RedHat Fedora Core 1, and RedHat Linux 7.3 and 9.0. Please see the referenced advisory for further information.

Mozilla Browser 1.7

Mozilla Browser 1.7 rc3

- 相关参考