Firefox leaks information useful to attackers
Mozilla’s chief of security has confirmed a directory traversal vulnerability in Firefox that could expose private and confidential information on users’ computers. In other words, the flaw gives attackers unauthorized access to data on a victim’s computer.

The bug resides in Firefox’s chrome protocol scheme and allows directory traversal when certain types of extensions are installed. When a chrome package is “flat” rather than contained in a .jar, the directory traversal allows escaping the extensions directory and reading files in a predictable location on the disk. If not resolved quickly, this “may enable” malware authors to use crafted web pages to inject malicious code into the victim’s computer and to detect and exploit additional vulnerabilities on it.
The Hiredhacker.com blog posted a demonstration of the vulnerability that shows how a particular web page can gain access to the saved settings in the Thunderbird e-mail client.
Mozilla cites Download Statusbar and Greasemonkey as examples of add-ons which permit exploitation of this vulnerability. The development team behind Download Statusbar has released a patch packaged in a .jar. If you are using these add-ons, update them as quickly as you can.
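To check which installed add-ons still register “flat” chrome packages, the following added example (not code from Mozilla or from any add-on author) parses each extension's chrome.manifest and lists package registrations whose URI does not start with `jar:`. It assumes unpacked extensions live at `extensions/<id>/chrome.manifest`; the function names and the sample manifests are constructed for illustration.

```python
import os
import tempfile

# Position of the URI in each chrome.manifest package registration:
# content <pkg> <uri> / locale <pkg> <locale> <uri> / skin <pkg> <skin> <uri>
URI_FIELD = {"content": 2, "locale": 3, "skin": 3}

# Constructed sample manifests (not taken from any real add-on).
SAMPLES = {
    "flat@example.invalid": "# unpacked layout\ncontent sampleext chrome/content/\n"
                            "locale sampleext en-US chrome/locale/en-US/\n",
    "packed@example.invalid": "content packedext jar:chrome/packedext.jar!/content/\n"
                              "skin packedext classic/1.0 jar:chrome/packedext.jar!/skin/\n",
}

def flat_registrations(manifest_text):
    """Return (type, package, uri) for each chrome package not served from a .jar."""
    found = []
    for line in manifest_text.splitlines():
        fields = line.split()
        if not fields or fields[0] not in URI_FIELD:
            continue  # blank line, comment, or an instruction that registers no package
        idx = URI_FIELD[fields[0]]
        if len(fields) > idx and not fields[idx].lower().startswith("jar:"):
            found.append((fields[0], fields[1], fields[idx]))
    return found

def audit_extensions(extensions_dir):
    """Map each extension directory name to its flat chrome registrations."""
    report = {}
    for name in sorted(os.listdir(extensions_dir)):
        manifest = os.path.join(extensions_dir, name, "chrome.manifest")
        if os.path.isfile(manifest):
            with open(manifest, encoding="utf-8", errors="replace") as fh:
                flat = flat_registrations(fh.read())
            if flat:
                report[name] = flat
    return report

def demo():
    with tempfile.TemporaryDirectory() as root:
        for ext, text in SAMPLES.items():
            os.makedirs(os.path.join(root, ext))
            with open(os.path.join(root, ext, "chrome.manifest"), "w") as fh:
                fh.write(text)
        return audit_extensions(root)

if __name__ == "__main__":
    print(demo())
```

Point `audit_extensions` at the `extensions` folder of a Firefox profile to list the add-ons worth updating or disabling first.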
Mozilla announced that the bug is low risk and will be fixed in Render Engine version 1.8.1.12.
[...] previously reported directory traversal vulnerability in Firefox which was rated as Low Severity has been upgraded to “High Severity”, but fix [...]