CVE-2005-0142 - Huddled Pitches

Description

Firefox 0.9 Thunderbird 0.6 and other versions before 0.9 and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions which allows local users to read certain web content or attachments that belong to other users e.g. content that is managed by helper applications such as PDF.

Reference

http://www.mozilla.org/security/announce/mfsa2005-02.html https://bugzilla.mozilla.org/show_bug.cgi?id=251297 http://www.redhat.com/support/errata/RHSA-2005-335.html http://www.redhat.com/support/errata/RHSA-2005-384.html http://secunia.com/advisories/19823 http://www.novell.com/linux/security/advisories/2006_04_25.html https://exchange.xforce.ibmcloud.com/vulnerabilities/17832 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9543 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100056