mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-23 19:04:02 +02:00
0xMarcio
856 B
856 B
CVE-2009-0355
Description
components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element.
POC
Reference
- http://www.redhat.com/support/errata/RHSA-2009-0258.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9161
Github
No PoCs found on GitHub currently.