Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2004-2225

Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button.

  • Published: Dec 31, 2004
  • Updated: Apr 13, 2023
  • CVE: CVE-2004-2225
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
mozilla / firefox 0.8 0.8.x
mozilla / firefox 0.9.1 0.9.1.x
mozilla / firefox 0.9 0.9.x
mozilla / firefox preview_release preview_release.x
mozilla / firefox 0.9.3 0.9.3.x
mozilla / firefox 0.9.2 0.9.2.x
mozilla / firefox 0.9-rc 0.9-rc.x
mozilla / firefox 0.10 0.10.x