Upstream information
Description
Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an <input type="file"> tag.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
| CVSS detail | National Vulnerability Database |
|---|---|
| Base Score | 6.4 |
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:N |
| Access Vector | Network |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | Partial |
| Integrity Impact | Partial |
| Availability Impact | None |
SUSE Security Advisories:
- SUSE-SA:2004:030, published Monday, Sept 6th 15:00:00 MEST 2004
- SUSE-SA:2004:032, published Wednesday, Sep 15th 2004 16:00 MEST
- SUSE-SA:2004:033, published Wednesday, Sep 17th 2004 12:00 MEST
- SUSE-SA:2004:034, published Friday, Sep 17th 2004 14:23 MEST
- SUSE-SA:2004:035, published Tuesday, Oct 5th 2004 16:53:01 MEST
SUSE Timeline for this CVE
CVE page created: Fri Jun 28 00:56:49 2013CVE page last modified: Mon Oct 6 18:14:35 2025