Netscape/Mozilla/Galeon Local File Enumeration (deprecated)

low Nessus Network Monitor Plugin ID 1311

Synopsis

The remote host may give an attacker information useful for future attacks.

Description

The remote host is running a version of the Mozilla browser that could allow a remote attacker to detect the existence of files on the local file system of the web client accessing the attackers page. The vulnerability is caused by improper handling of embedded Cascading Style-Sheet (CSS) <LINK> elements in the broswer.

Solution

Upgrade to the latest version of Mozilla

Plugin Details

Severity: Low

ID: 1311

Family: SMTP Clients

Published: 8/20/2004

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Low

Score: 3.3

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS v3

Risk Factor: Low

Base Score: 3.7

Temporal Score: 3.5

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Reference Information

CVE: CVE-2002-0594, CVE-2002-1126

BID: 4640, 5694