| VID |
28643 |
| Severity |
30 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
Mozilla/Firefox Web browser, according to its version number, contains an Arbitrary Files Removal Vulnerability.
Firefox are open-source Web browsers, developed by the Mozilla project.
Firefox versions prior to 0.10.1 could allow a remote attacker to delete arbitrary files from a user's download directory. A remote attacker could exploit this vulnerability by creating a rogue website and then persuading a target user to visit it.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.mozilla.org/press/mozilla-2004-10-01-02.html
* Platforms Affected:
Mozilla Project, Firefox prior to 0.10.1
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of the Firefox Preview Release and apply the patch for this vulnerability, available from the Mozilla website at http://www.mozilla.org/press/mozilla-2004-10-01-02.html |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
