firefox is vulnerable to directory traversal. The vulnerability exists due to a Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrary directory. This bug only affects Firefox on Windows. Other operating systems are unaffected.
Vendor | Product | Version | CPE |
---|---|---|---|
- | firefox\ | edge | cpe:2.3:a:-:firefox\:edge:89.0.1-r1:*:*:*:*:*:*:* |
- | firefox\ | edge | cpe:2.3:a:-:firefox\:edge:89.0.1-r0:*:*:*:*:*:*:* |
- | firefox\ | edge | cpe:2.3:a:-:firefox\:edge:95.0.1-r0:*:*:*:*:*:*:* |
- | firefox\ | edge | cpe:2.3:a:-:firefox\:edge:90.0.2-r0:*:*:*:*:*:*:* |
- | firefox\ | edge | cpe:2.3:a:-:firefox\:edge:74.0-r1:*:*:*:*:*:*:* |
- | firefox\ | edge | cpe:2.3:a:-:firefox\:edge:73.0.1-r1:*:*:*:*:*:*:* |
- | firefox\ | edge | cpe:2.3:a:-:firefox\:edge:74.0.1-r0:*:*:*:*:*:*:* |
- | firefox\ | edge | cpe:2.3:a:-:firefox\:edge:85.0.2-r1:*:*:*:*:*:*:* |
- | firefox\ | edge | cpe:2.3:a:-:firefox\:edge:89.0-r0:*:*:*:*:*:*:* |
- | firefox\ | edge | cpe:2.3:a:-:firefox\:edge:90.0-r0:*:*:*:*:*:*:* |