Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 on Windows allows remote attackers to determine the existence of arbitrary files, and possibly load resources, via vectors involving a resource: URL.
downloads.avaya.com/css/P8/documents/100144158
www.debian.org/security/2011/dsa-2227
www.debian.org/security/2011/dsa-2228
www.debian.org/security/2011/dsa-2235
www.mandriva.com/security/advisories?name=MDVSA-2011:079
www.mandriva.com/security/advisories?name=MDVSA-2011:080
www.mozilla.org/security/announce/2011/mfsa2011-16.html
bugzilla.mozilla.org/show_bug.cgi?id=624764
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14058