HTTP: Mozilla Firefox 2.0.0.4 Directory Traversal

This signature detects attempts to exploit a known vulnerability in the Mozilla Firefox. Firefox 2.0.0.4 and prior versions are vulnerable. It is due to insufficient validation of user supplied input. A successful attack can allow the attackers to read the content of arbitrary files on the target host.

Extended Description

Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and earlier on Mac OS X and Unix allows remote attackers to read arbitrary files via ..%2F (dot dot encoded slash) sequences in a resource:// URI.

References

CVE: CVE-2007-3073

Short Name
HTTP:STC:MOZILLA:FF2-DIR-TRAV
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
2.0.0.4 CVE-2007-3073 Directory Firefox Mozilla Traversal
Release Date
05/07/2013
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3761
False Positive
Unknown
CVSS Score

7.8

Found a potential security threat?