CVE-2004-2225

Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button.

Date published : 2005-07-17

http://www.securityfocus.com/bid/11311

http://www.mozilla.org/projects/security/older-vulnerabilities.html#firefox0.10.1