CVE-2004-2225
Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button.
Date published : 2005-07-17
http://www.securityfocus.com/bid/11311
http://www.mozilla.org/projects/security/older-vulnerabilities.html#firefox0.10.1