CVE-2007-5335

Published: Oct 24, 2007Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Mozilla Firefox 2.0 before 2.0.0.8 allows remote attackers to obtain sensitive system information by using the addMicrosummaryGenerator sidebar method to access file: URIs.

Affected (1)

Products: Mozilla: Firefox

Mozilla

1 product

Firefox

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Up to 2.0.0.7

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (18)

http://osvdb.org/42470

Source: secalert@redhat.com

http://secunia.com/advisories/27335

Source: secalert@redhat.com

http://secunia.com/advisories/27387

Source: secalert@redhat.com

http://secunia.com/advisories/27665

Source: secalert@redhat.com

http://www.gentoo.org/security/en/glsa/glsa-200711-14.xml

Source: secalert@redhat.com

https://bugzilla.mozilla.org/show_bug.cgi?id=390983

Source: secalert@redhat.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/37428

Source: secalert@redhat.com

https://usn.ubuntu.com/535-1/

Source: secalert@redhat.com

https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html

Source: secalert@redhat.com

http://osvdb.org/42470