Netscape/Mozilla/Galeon Local File Enumeration (deprecated)

Medium Nessus Network Monitor Plugin ID 1311

Synopsis

The remote host may give an attacker information useful for future attacks.

Description

The remote host is running a version of the Mozilla browser that could allow a remote attacker to detect the existence of files on the local file system of the web client accessing the attackers page. The vulnerability is caused by improper handling of embedded Cascading Style-Sheet (CSS) <LINK> elements in the broswer.

Solution

Upgrade to the latest version of Mozilla

Plugin Details

Severity: Medium

ID: 1311

Family: SMTP Clients

Published: 2004/08/20

Modified: 2016/01/21

Dependencies: 1330

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 4.3

Temporal Score: 3.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 5.3

Temporal Score: 4.9

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Reference Information

CVE: CVE-2002-1126, CVE-2002-0594

BID: 4640, 5694