Rapid7 Vulnerability & Exploit Database

MFSA2015-24 SeaMonkey: Reading of local files through manipulation of form autocomplete (CVE-2015-0822)

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

MFSA2015-24 SeaMonkey: Reading of local files through manipulation of form autocomplete (CVE-2015-0822)

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Published

02/25/2015

Created

07/25/2018

Added

03/23/2015

Modified

04/05/2017

Description

The Form Autocompletion feature in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to read arbitrary files via crafted JavaScript code.

Solution(s)

mozilla-seamonkey-upgrade-2_33_0

References

https://attackerkb.com/topics/cve-2015-0822
72756
CVE - 2015-0822
DSA-3174
DSA-3179
RHSA-2015:0265
RHSA-2015:0266
RHSA-2015:0642
http://www.mozilla.org/security/announce/2015/mfsa2015-24.html

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

MFSA2015-24 SeaMonkey: Reading of local files through manipulation of form autocomplete (CVE-2015-0822)

MFSA2015-24 SeaMonkey: Reading of local files through manipulation of form autocomplete (CVE-2015-0822)

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.