Unrated severityNVD Advisory· Published Sep 24, 2008· Updated Apr 23, 2026
CVE-2008-4067
CVE-2008-4067
Description
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 on Linux allows remote attackers to read arbitrary files via a .. (dot dot) and URL-encoded / (slash) characters in a resource: URI.
Affected products
8- cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
53- bugzilla.mozilla.org/show_bug.cginvdExploitIssue TrackingVendor Advisory
- bugzilla.mozilla.org/show_bug.cginvdExploitIssue TrackingVendor Advisory
- download.novell.com/DownloadnvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.htmlnvdThird Party Advisory
- secunia.com/advisories/31984nvdThird Party Advisory
- secunia.com/advisories/31985nvdThird Party Advisory
- secunia.com/advisories/31987nvdThird Party Advisory
- secunia.com/advisories/32007nvdThird Party Advisory
- secunia.com/advisories/32010nvdThird Party Advisory
- secunia.com/advisories/32011nvdThird Party Advisory
- secunia.com/advisories/32012nvdThird Party Advisory
- secunia.com/advisories/32025nvdThird Party Advisory
- secunia.com/advisories/32042nvdThird Party Advisory
- secunia.com/advisories/32044nvdThird Party Advisory
- secunia.com/advisories/32082nvdThird Party Advisory
- secunia.com/advisories/32089nvdThird Party Advisory
- secunia.com/advisories/32092nvdThird Party Advisory
- secunia.com/advisories/32095nvdThird Party Advisory
- secunia.com/advisories/32096nvdThird Party Advisory
- secunia.com/advisories/32144nvdThird Party Advisory
- secunia.com/advisories/32185nvdThird Party Advisory
- secunia.com/advisories/32196nvdThird Party Advisory
- secunia.com/advisories/32845nvdThird Party Advisory
- secunia.com/advisories/33433nvdThird Party Advisory
- secunia.com/advisories/33434nvdThird Party Advisory
- secunia.com/advisories/34501nvdThird Party Advisory
- slackware.com/security/viewer.phpnvdThird Party Advisory
- slackware.com/security/viewer.phpnvdThird Party Advisory
- slackware.com/security/viewer.phpnvdThird Party Advisory
- www.0x000000.comnvdThird Party Advisory
- www.debian.org/security/2008/dsa-1649nvdThird Party Advisory
- www.debian.org/security/2008/dsa-1669nvdThird Party Advisory
- www.debian.org/security/2009/dsa-1696nvdThird Party Advisory
- www.debian.org/security/2009/dsa-1697nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.mozilla.org/security/announce/2008/mfsa2008-44.htmlnvdVendor Advisory
- www.redhat.com/support/errata/RHSA-2008-0879.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2008-0882.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2008-0908.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/31346nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/usn-645-1nvdThird Party Advisory
- www.ubuntu.com/usn/usn-645-2nvdThird Party Advisory
- www.ubuntu.com/usn/usn-647-1nvdThird Party Advisory
- www.vupen.com/english/advisories/2008/2661nvdThird Party Advisory
- www.vupen.com/english/advisories/2009/0977nvdThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/45359nvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10770nvdThird Party Advisory
- www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.htmlnvdThird Party Advisory
- www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.htmlnvdThird Party Advisory
- www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.htmlnvdThird Party Advisory
- sunsolve.sun.com/search/document.donvdBroken Link
News mentions
0No linked articles in our index yet.