Published: 2004-12-31 00:00:00
Last revised: 2008-09-05 16:43:32

[Original] Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button.

[CNNVD] Mozilla Firefox DATA URI File Deletion Vulnerability (CNNVD-200412-572)

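        Mozilla Firefox is an open-source web browser.
        There is a flaw in how Mozilla Firefox handles 'data:' URI data; a remote attacker can exploit this vulnerability to delete the user's configured download directory.
        An attacker can craft a special HTML file that uses the 'data:' URI mechanism; when the target user attempts to save a file from the 'data:' protocol, the user's configured download directory can be deleted.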

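- CVSS (Base Score)

CVSS score: 5 [MEDIUM]
Confidentiality impact: NONE [no impact on system confidentiality]
Integrity impact: PARTIAL [may allow system files to be modified]
Availability impact: NONE [no impact on system availability]
Attack complexity: LOW [no access restrictions on exploitation]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]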

- CPE (Affected Platforms and Products)

cpe:/a:mozilla:firefox:0.9  Mozilla Firefox 0.9
cpe:/a:mozilla:firefox:0.8  Mozilla Firefox 0.8
cpe:/a:mozilla:firefox:0.9.2  Mozilla Firefox 0.9.2
cpe:/a:mozilla:firefox:0.9.1  Mozilla Firefox 0.9.1
cpe:/a:mozilla:firefox:0.9.3  Mozilla Firefox 0.9.3
cpe:/a:mozilla:firefox:0.10  Mozilla Firefox 0.10
cpe:/a:mozilla:firefox:0.9:rc  Mozilla Firefox 0.9 rc

- OVAL (Technical Details for Detection)


- Official Database Links
(Official source) MITRE
(Official source) NVD
(Official source) CNNVD

- Other Links and Resources
(PATCH)  BID  11311
(PATCH)  OSVDB  10478
(PATCH)  SECTRACK  1011501

- Vulnerability Information

Mozilla Firefox DATA URI File Deletion Vulnerability
Medium risk  Other
2004-12-31 00:00:00 2005-10-20 00:00:00
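        Mozilla Firefox is an open-source web browser.
        There is a flaw in how Mozilla Firefox handles 'data:' URI data; a remote attacker can exploit this vulnerability to delete the user's configured download directory.
        An attacker can craft a special HTML file that uses the 'data:' URI mechanism; when the target user attempts to save a file from the 'data:' protocol, the user's configured download directory can be deleted.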

- Advisories and Patches

        Mozilla Upgrade firefox-1.0PR-source.tar.bz2

        Mozilla Patch 259708.xpi

- Vulnerability Information

Mozilla Firefox Download Directory Arbitrary File Deletion
Remote / Network Access Other
Loss of Integrity, Loss of Availability
Exploit Public

- Vulnerability Description

Mozilla Firefox contains a flaw that may allow a malicious user to delete arbitrary files on a user's machine. The issue is triggered when an attacker persuades a user to select the "Save" button to download a file from a web page. Saving a file by right-clicking the link and selecting "Save Link As" does not trigger this weakness. It is possible that the flaw may allow a malicious user to delete all the files in the Firefox "downloads" directory, resulting in a loss of data availability.

- Timeline

2004-09-29 2004-09-15
2004-09-15 Unknown

- Solution

Upgrade to version 0.10.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- Related References

- Vulnerability Author