File Exposure Vulnerability in Mozilla and Firefox Products
CVE-2004-1449

Currently unrated

Key Information:

Vendor: Mozilla
Status: Mozilla; Thunderbird; Firebird
Vendor: CVE Published:; 31 December 2004

What is CVE-2004-1449?

A vulnerability in Mozilla products prior to version 1.7, including Firefox before version 0.9 and Thunderbird before version 0.7, allows remote attackers to expose sensitive information on a user's system. By obscuring a file upload control, attackers can trick users into dragging text, inadvertently revealing local file paths. This could lead to further exploitation, as attackers gain insights into the structure and contents of a user’s file system, creating potential pathways for data breaches and unauthorized access.

References

http://www.mandrakesecure.net/en/advisories/advisory.php?...

vendor-advisoryx_refsource_MANDRAKE

http://bugzilla.mozilla.org/show_bug.cgi?id=206859#c0

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Feb 13, 2005
Vulnerability published
Dec 31, 2004