FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- insecure temporary directory vulnerability

Affected packages
firefox < 1.0.1,1
mozilla < 1.7.6,2
linux-mozilla < 1.7.6
linux-mozilla-devel < 1.7.6
0 <= netscape7
0 <= de-linux-mozillafirebird
0 <= el-linux-mozillafirebird
0 <= ja-linux-mozillafirebird-gtk1
0 <= ja-mozillafirebird-gtk2
0 <= linux-mozillafirebird
0 <= ru-linux-mozillafirebird
0 <= zhCN-linux-mozillafirebird
0 <= zhTW-linux-mozillafirebird
0 <= de-linux-netscape
0 <= de-netscape7
0 <= fr-linux-netscape
0 <= fr-netscape7
0 <= ja-linux-netscape
0 <= ja-netscape7
0 <= linux-netscape
0 <= linux-phoenix
0 <= mozilla+ipv6
0 <= mozilla-embedded
0 <= mozilla-firebird
0 <= mozilla-gtk
0 <= mozilla-gtk1
0 <= mozilla-gtk2
0 <= mozilla-thunderbird
0 <= phoenix
0 <= pt_BR-netscape7

Details

VuXML ID d022754d-8839-11d9-aa18-0001020eed82
Discovery 2005-02-06
Entry 2005-02-26

A Mozilla Foundation Security Advisory reports:

A predictable name is used for the plugin temporary directory. A malicious local user could symlink this to the victim's home directory and wait for the victim to run Firefox. When Firefox shuts down the victim's directory would be erased.

[source]

References

URL http://www.mozilla.org/security/announce/mfsa2005-28.html
URL https://bugzilla.mozilla.org/show_bug.cgi?id=281284

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.