Vulnerabilities > CVE-2005-2455 - Unspecified vulnerability in Greasemonkey 0.3.3

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
greasemonkey
exploit available

Summary

Greasemonkey before 0.3.5 allows remote web servers to (1) read arbitrary files via a GET request to a file:// URL in the GM_xmlhttpRequest API function, (2) list installed scripts using GM_scripts, or obtain sensitive information via (3) GM_setValue and GM_getValue.

Vulnerable Configurations

Part Description Count
Application
Greasemonkey
1

Exploit-Db

descriptionGreasemonkey 0.3.3 Multiple Remote Information Disclosure Vulnerabilities. CVE-2005-2455. Webapps exploit for cgi platform
idEDB-ID:26017
last seen2016-02-03
modified2005-07-20
published2005-07-20
reporterMark Pilgrim
sourcehttps://www.exploit-db.com/download/26017/
titleGreasemonkey 0.3.3 - Multiple Remote Information Disclosure Vulnerabilities