Thor Larholm writes "Firefox 2.0.0.4 fixed a directory traversal
vulnerability that allowed you to read local files.
However, the patch only works for the Windows version of Firefox and
actually re-introduces a previously fixed input validation flaw."
More information at http://larholm.com/2007/06/04/unpatched-input-validation-flaw-in-firefox-2004/
Link to this Story:
Unpatched input validation flaw in Firefox 2.0.0.4
