CVE-2008-2399: CVE-2008-2399

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2008-2399

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Directory traversal vulnerability in the FireFTP add-on before 0.98.20080518 for Firefox allows remote FTP servers to create or overwrite arbitrary files via ..\ (dot dot backslash) sequences in responses to (1) MLSD and (2) LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

FireFTP MLSD及LIST命令目录遍历漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

FireFTP是在Firefox中使用的FTP客户端扩展。 FireFTP在处理从FTP服务器所返回的MLSD和LIST命令响应时存在目录遍历漏洞，如果用户受骗从恶意的FTP服务器下载了包含有目录遍历序列文件名的文件的话，就会导致向用户系统的任意位置写入文件。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2008-2399

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2008-2399

Please Login to view more intelligence information

http://vuln.sg/fireftp0971-en.htmlx_refsource_MISC
http://secunia.com/advisories/30284third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/29289vdb-entryx_refsource_BID
http://www.kb.cert.org/vuls/id/906907third-party-advisoryx_refsource_CERT-VN
http://www.vupen.com/english/advisories/2008/1596/referencesvdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/42516vdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2008-2399

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2008-2399

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2008-2399

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2008-2399

III. Intelligence Information for CVE-2008-2399

IV. Related Vulnerabilities

V. Comments for CVE-2008-2399

Leave a comment