CVE-2005-0142

medium

Description

Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. content that is managed by helper applications such as PDF.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9543

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100056

https://exchange.xforce.ibmcloud.com/vulnerabilities/17832

https://bugzilla.mozilla.org/show_bug.cgi?id=251297

http://www.redhat.com/support/errata/RHSA-2005-384.html

http://www.redhat.com/support/errata/RHSA-2005-335.html

http://www.novell.com/linux/security/advisories/2006_04_25.html

http://www.mozilla.org/security/announce/mfsa2005-02.html

http://secunia.com/advisories/19823

Details

Source: Mitre, NVD

Published: 2005-05-02

Updated: 2017-10-11

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium