The upcoming Firefox 220.127.116.11 release will fix this flaw. It affects extensions (more than 600) which are installed as a set of uncompressed files instead of widely used .jar files.
A vulnerability in the chrome protocol scheme allows directory traversal when a “flat” add-on is present resulting in potential information disclosure.
When a chrome package is “flat” rather than contained in a .jar the directory traversal allows escaping the extensions directory and reading files in a predictable location on the disk. Many add-ons are packaged in this way.
A visited attacking page is able to load images, scripts, or stylesheets from known locations on the disk. Attackers may use this method to detect the presence of files which may give an attacker information about which applications are installed. This information may be used to profile the system for a different kind of attack.
Users are only at risk if they have one of the “flat” packaged add-on installed. Examples of popular add-ons that are vulnerable include: Download Statusbar and Greasemonkey.
Web Browsers News. Subscribe to our RSS Feed.
About (Author Profile)
Vygantas is a former web designer whose projects are used by companies such as AMD, NVIDIA and departed Westood Studios. Being passionate about software, Vygantas began his journalism career back in 2007 when he founded FavBrowser.com. Having said that, he is also an adrenaline junkie who enjoys good books, fitness activities and Forex trading.