Executive Summary
Summary | |
---|---|
Title | Mozilla security update |
Informations | |||
---|---|---|---|
Name | RHSA-2005:384 | First vendor Publication | 2005-04-28 |
Vendor | RedHat | Last vendor Modification | 2005-04-28 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated Mozilla packages that fix various security bugs are now available. This update has been rated as having Important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several bugs were found with the way Mozilla displays the secure site icon. It is possible that a malicious website could display the secure site icon along with incorrect certificate information. (CAN-2005-0143 CAN-2005-0593) A bug was found in the way Mozilla handles synthetic middle click events. It is possible for a malicious web page to steal the contents of a victims clipboard. (CAN-2005-0146) Several bugs were found with the way Mozilla handles temporary files. A local user could view sensitive temporary information or delete arbitrary files. (CAN-2005-0142 CAN-2005-0578) A bug was found in the way Mozilla handles pop-up windows. It is possible for a malicious website to control the content in an unrelated site's pop-up window. (CAN-2004-1156) A flaw was found in the way Mozilla displays international domain names. It is possible for an attacker to display a valid URL, tricking the user into thinking they are viewing a legitimate webpage when they are not. (CAN-2005-0233) A bug was found in the way Mozilla processes XUL content. If a malicious web page can trick a user into dragging an object, it is possible to load malicious XUL content. (CAN-2005-0401) A bug was found in the way Mozilla handles xsl:include and xsl:import directives. It is possible for a malicious website to import XSLT stylesheets from a domain behind a firewall, leaking information to an attacker. (CAN-2005-0588) Several bugs were found in the way Mozilla displays alert dialogs. It is possible for a malicious webserver or website to trick a user into thinking the dialog window is being generated from a trusted site. (CAN-2005-0586 CAN-2005-0591 CAN-2005-0585 CAN-2005-0590 CAN-2005-0584) A bug was found in the Mozilla javascript security manager. If a user drags a malicious link to a tab, the javascript security manager is bypassed, which could result in remote code execution or information disclosure. (CAN-2005-0231) A bug was found in the way Mozilla allows plug-ins to load privileged content into a frame. It is possible that a malicious webpage could trick a user into clicking in certain places to modify configuration settings or execute arbitrary code. (CAN-2005-0232 and CAN-2005-0527) A bug was found in the way Mozilla handles anonymous functions during regular expression string replacement. It is possible for a malicious web page to capture a random block of browser memory. (CAN-2005-0989) A bug was found in the way Mozilla displays pop-up windows. If a user choses to open a pop-up window whose URL is malicious javascript, the script will be executed with elevated privileges. (CAN-2005-1153) A bug was found in the way Mozilla installed search plugins. If a user chooses to install a search plugin from a malicious site, the new plugin could silently overwrite an existing plugin. This could allow the malicious plugin to execute arbitrary code and stealm sensitive information. (CAN-2005-1156 CAN-2005-1157) Several bugs were found in the Mozilla javascript engine. A malicious web page could leverage these issues to execute javascript with elevated privileges or steal sensitive information. (CAN-2005-1154 CAN-2005-1155 CAN-2005-1159 CAN-2005-1160) Users of Mozilla are advised to upgrade to this updated package which contains Mozilla version 1.7.7 to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 142390 - CAN-2004-1156 Frame injection vulnerability. 144080 - CAN-2005-0585 download dialog URL spoofing 145606 - CAN-2005-0142 Opened attachments are temporarily saved world-readable 145607 - CAN-2005-0143 Secure site lock can be spoofed with a binary download 145613 - CAN-2005-0146 Synthetic middle-click event can steal clipboard contents 147397 - homograph spoofing 152580 - CAN-2005-0578 Mozilla issues (CAN-2005-0232 CAN-2005-0527 CAN-2005-0231 CAN-2005-0584 CAN-2005-0585 CAN-2005-0586 CAN-2005-0588 CAN-2005-0590 CAN-2005-0591 CAN-2005-0593) 155117 - CAN-2005-0989 Multiple Mozilla issues. (CAN-2005-1153 CAN-2005-1154 CAN-2005-1155 CAN-2005-1156 CAN-2005-1157 CAN-2005-1159 CAN-2005-1160) |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2005-384.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:100017 | |||
Oval ID: | oval:org.mitre.oval:def:100017 | ||
Title: | Mozilla DOM Node Privilege Escalation Vulnerability | ||
Description: | The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-1160 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100018 | |||
Oval ID: | oval:org.mitre.oval:def:100018 | ||
Title: | Mozilla InstallTrigger Instance Validation Vulnerability | ||
Description: | The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the wrong memory address, which may allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code by passing objects of the wrong type. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-1159 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100020 | |||
Oval ID: | oval:org.mitre.oval:def:100020 | ||
Title: | Mozilla Search Plugin Cross-site Scripting Vulnerability | ||
Description: | Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to execute arbitrary script and code via a new search plugin using sidebar.addSearchEngine, aka "Firesearching 1." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-1156 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100021 | |||
Oval ID: | oval:org.mitre.oval:def:100021 | ||
Title: | Mozilla favicons Code Execution Vulnerability | ||
Description: | The favicon functionality in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary code via a <LINK rel="icon"> tag with a javascript: URL in the href attribute, aka "Firelinking." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-1155 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100022 | |||
Oval ID: | oval:org.mitre.oval:def:100022 | ||
Title: | Mozilla Global Pollution Vulnerability | ||
Description: | Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary script in other domains via a setter function for a variable in the target domain, which is executed when the user visits that domain, aka "Cross-site scripting through global scope pollution." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-1154 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100023 | |||
Oval ID: | oval:org.mitre.oval:def:100023 | ||
Title: | Mozilla blocked javascript: popup Privilege Escalation Vulnerability | ||
Description: | Firefox before 1.0.3 and Mozilla Suite before 1.7.7, when blocking a popup, allows remote attackers to execute arbitrary code via a javascript: URL that is executed when the user selects the "Show javascript" option. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-1153 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100025 | |||
Oval ID: | oval:org.mitre.oval:def:100025 | ||
Title: | Mozilla Javascript "lambda" | ||
Description: | The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-0989 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100026 | |||
Oval ID: | oval:org.mitre.oval:def:100026 | ||
Title: | Mozilla XUL Drag and Drop Security Bypass Vulnerability | ||
Description: | FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-2005-0527, aka "Firescrolling 2." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-0401 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100029 | |||
Oval ID: | oval:org.mitre.oval:def:100029 | ||
Title: | Mozilla IDN Homograph Spoofing Vulnerability | ||
Description: | The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-0233 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100031 | |||
Oval ID: | oval:org.mitre.oval:def:100031 | ||
Title: | Mozilla Privileged Content Loading Vulnerability | ||
Description: | Firefox 1.0 allows remote attackers to execute arbitrary code via plugins that load "privileged content" into frames, as demonstrated using certain XUL events when a user drags a scrollbar two times, aka "Firescrolling." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-0527 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100032 | |||
Oval ID: | oval:org.mitre.oval:def:100032 | ||
Title: | Mozilla Cross-site Scripting via Drag and Drop to Tab | ||
Description: | Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-0231 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100034 | |||
Oval ID: | oval:org.mitre.oval:def:100034 | ||
Title: | Mozilla HTTP auth Prompt Tab Spoofing | ||
Description: | Firefox before 1.0.1 and Mozilla before 1.7.6, when displaying the HTTP Authentication dialog, do not change the focus to the tab that generated the prompt, which could facilitate spoofing and phishing attacks. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-0584 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100035 | |||
Oval ID: | oval:org.mitre.oval:def:100035 | ||
Title: | Mozilla Download Dialog Source Spoofing Vulnerability | ||
Description: | Firefox before 1.0.1 and Mozilla before 1.7.6 truncates long sub-domains or paths for display, which may allow remote malicious web sites to spoof legitimate sites and facilitate phishing attacks. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-0585 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100036 | |||
Oval ID: | oval:org.mitre.oval:def:100036 | ||
Title: | Mozilla "Save Link As" Dialog Spoofing Vulnerability | ||
Description: | Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to spoof the extensions of files to download via the Content-Disposition header, which could be used to trick users into downloading dangerous content. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-0586 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100038 | |||
Oval ID: | oval:org.mitre.oval:def:100038 | ||
Title: | Mozilla XSLT Stylesheet Information Disclosure Potential | ||
Description: | Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:include and xsl:import tags in XSLT stylesheets to the current domain, which allows remote attackers to determine the existence of files on the local system. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-0588 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100041 | |||
Oval ID: | oval:org.mitre.oval:def:100041 | ||
Title: | Mozilla 'user:pass@host' Spoofing Vulnerability | ||
Description: | The installation confirmation dialog in Firefox before 1.0.1, Thunderbird before 1.0.1, and Mozilla before 1.7.6 allows remote attackers to use InstallTrigger to spoof the hostname of the host performing the installation via a long "user:pass" sequence in the URL, which appears before the real hostname. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-0590 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox Mozilla Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100042 | |||
Oval ID: | oval:org.mitre.oval:def:100042 | ||
Title: | Mozilla Download/Security Dialogs Spoofing Vulnerability | ||
Description: | Firefox before 1.0.1 allows remote attackers to spoof the (1) security and (2) download modal dialog boxes, which could be used to trick users into executing script or downloading and executing a file, aka "Firespoofing." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-0591 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100044 | |||
Oval ID: | oval:org.mitre.oval:def:100044 | ||
Title: | Mozilla SSL Lock Image Spoofing Vulnerability | ||
Description: | Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote attackers to spoof the SSL "secure site" lock icon via (1) a web site that does not finish loading, which shows the lock of the previous site, (2) a non-HTTP server that uses SSL, which causes the lock to be displayed when the SSL handshake is completed, or (3) a URL that generates an HTTP 204 error, which updates the icon and location information but does not change the display of the original site. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-0593 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100045 | |||
Oval ID: | oval:org.mitre.oval:def:100045 | ||
Title: | Mozilla Popup Content Spoofing Vulnerability | ||
Description: | Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-1156 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100055 | |||
Oval ID: | oval:org.mitre.oval:def:100055 | ||
Title: | Mozilla SSL Lock Image Spoofing during Binary Download | ||
Description: | Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a binary file from a trusted site, which could facilitate phishing attacks. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-0143 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100056 | |||
Oval ID: | oval:org.mitre.oval:def:100056 | ||
Title: | Mozilla Creates World-readable temp Files | ||
Description: | Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. content that is managed by helper applications such as PDF. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-0142 | Version: | 4 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10010 | |||
Oval ID: | oval:org.mitre.oval:def:10010 | ||
Title: | The installation confirmation dialog in Firefox before 1.0.1, Thunderbird before 1.0.1, and Mozilla before 1.7.6 allows remote attackers to use InstallTrigger to spoof the hostname of the host performing the installation via a long "user:pass" sequence in the URL, which appears before the real hostname. | ||
Description: | The installation confirmation dialog in Firefox before 1.0.1, Thunderbird before 1.0.1, and Mozilla before 1.7.6 allows remote attackers to use InstallTrigger to spoof the hostname of the host performing the installation via a long "user:pass" sequence in the URL, which appears before the real hostname. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0590 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10039 | |||
Oval ID: | oval:org.mitre.oval:def:10039 | ||
Title: | Firefox before 1.0.1 allows remote attackers to spoof the (1) security and (2) download modal dialog boxes, which could be used to trick users into executing script or downloading and executing a file, aka "Firespoofing." | ||
Description: | Firefox before 1.0.1 allows remote attackers to spoof the (1) security and (2) download modal dialog boxes, which could be used to trick users into executing script or downloading and executing a file, aka "Firespoofing." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0591 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10079 | |||
Oval ID: | oval:org.mitre.oval:def:10079 | ||
Title: | Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing." | ||
Description: | Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0231 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10117 | |||
Oval ID: | oval:org.mitre.oval:def:10117 | ||
Title: | Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. | ||
Description: | Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-1156 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10629 | |||
Oval ID: | oval:org.mitre.oval:def:10629 | ||
Title: | The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the wrong memory address, which may allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code by passing objects of the wrong type. | ||
Description: | The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the wrong memory address, which may allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code by passing objects of the wrong type. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1159 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10682 | |||
Oval ID: | oval:org.mitre.oval:def:10682 | ||
Title: | Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:include and xsl:import tags in XSLT stylesheets to the current domain, which allows remote attackers to determine the existence of files on the local system. | ||
Description: | Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:include and xsl:import tags in XSLT stylesheets to the current domain, which allows remote attackers to determine the existence of files on the local system. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0588 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10954 | |||
Oval ID: | oval:org.mitre.oval:def:10954 | ||
Title: | Firefox before 1.0.1 and Mozilla Suite before 1.7.6 use a predictable filename for the plugin temporary directory, which allows local users to delete arbitrary files of other users via a symlink attack on the plugtmp directory. | ||
Description: | Firefox before 1.0.1 and Mozilla Suite before 1.7.6 use a predictable filename for the plugin temporary directory, which allows local users to delete arbitrary files of other users via a symlink attack on the plugtmp directory. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0578 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10967 | |||
Oval ID: | oval:org.mitre.oval:def:10967 | ||
Title: | Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing." | ||
Description: | Firefox 1.0 allows remote attackers to modify Boolean configuration parameters for the about:config site by using a plugin such as Flash, and the -moz-opacity filter, to display the about:config site then cause the user to double-click at a certain screen position, aka "Fireflashing." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0232 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11152 | |||
Oval ID: | oval:org.mitre.oval:def:11152 | ||
Title: | Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to spoof the extensions of files to download via the Content-Disposition header, which could be used to trick users into downloading dangerous content. | ||
Description: | Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to spoof the extensions of files to download via the Content-Disposition header, which could be used to trick users into downloading dangerous content. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0586 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11191 | |||
Oval ID: | oval:org.mitre.oval:def:11191 | ||
Title: | Firefox before 1.0.1 and Mozilla before 1.7.6, when displaying the HTTP Authentication dialog, do not change the focus to the tab that generated the prompt, which could facilitate spoofing and phishing attacks. | ||
Description: | Firefox before 1.0.1 and Mozilla before 1.7.6, when displaying the HTTP Authentication dialog, do not change the focus to the tab that generated the prompt, which could facilitate spoofing and phishing attacks. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0584 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11229 | |||
Oval ID: | oval:org.mitre.oval:def:11229 | ||
Title: | The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. | ||
Description: | The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0233 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11772 | |||
Oval ID: | oval:org.mitre.oval:def:11772 | ||
Title: | Firefox 1.0 allows remote attackers to execute arbitrary code via plugins that load "privileged content" into frames, as demonstrated using certain XUL events when a user drags a scrollbar two times, aka "Firescrolling." | ||
Description: | Firefox 1.0 allows remote attackers to execute arbitrary code via plugins that load "privileged content" into frames, as demonstrated using certain XUL events when a user drags a scrollbar two times, aka "Firescrolling." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0527 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9533 | |||
Oval ID: | oval:org.mitre.oval:def:9533 | ||
Title: | Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote attackers to spoof the SSL "secure site" lock icon via (1) a web site that does not finish loading, which shows the lock of the previous site, (2) a non-HTTP server that uses SSL, which causes the lock to be displayed when the SSL handshake is completed, or (3) a URL that generates an HTTP 204 error, which updates the icon and location information but does not change the display of the original site. | ||
Description: | Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote attackers to spoof the SSL "secure site" lock icon via (1) a web site that does not finish loading, which shows the lock of the previous site, (2) a non-HTTP server that uses SSL, which causes the lock to be displayed when the SSL handshake is completed, or (3) a URL that generates an HTTP 204 error, which updates the icon and location information but does not change the display of the original site. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0593 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9924 | |||
Oval ID: | oval:org.mitre.oval:def:9924 | ||
Title: | Firefox before 1.0.1 and Mozilla before 1.7.6 truncates long sub-domains or paths for display, which may allow remote malicious web sites to spoof legitimate sites and facilitate phishing attacks. | ||
Description: | Firefox before 1.0.1 and Mozilla before 1.7.6 truncates long sub-domains or paths for display, which may allow remote malicious web sites to spoof legitimate sites and facilitate phishing attacks. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0585 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-05-05 | Name : HP-UX Update for Mozilla remote HPSBUX01133 File : nvt/gb_hp_ux_HPSBUX01133.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200503-10 (Firefox) File : nvt/glsa_200503_10.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200503-30 (Mozilla) File : nvt/glsa_200503_30.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200503-31 (Firefox) File : nvt/glsa_200503_31.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200503-32 (Thunderbird) File : nvt/glsa_200503_32.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200504-18 (Mozilla) File : nvt/glsa_200504_18.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200507-17 (thunderbird) File : nvt/glsa_200507_17.nasl |
2008-09-04 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox2.nasl |
2008-09-04 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox7.nasl |
2008-09-04 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox8.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 781-1 (mozilla-thunderbird) File : nvt/deb_781_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
59843 | Mozilla Multiple Browsers Cross-domain Browser Window Injection Content Spoofing |
15690 | Mozilla Multiple Browser DOM Property Override Privilege Escalation Multiple browser contains a flaw that may allow a remote attacker to gain access to unauthorized privileges. The issue is triggered due to improper validation of privileged 'chrome' UI code in DOM nodes. By creating a malicious script and tricking a victim to open the script or the context menu, a remote attacker could override properties and methods of DOM nodes and execute arbitrary code, resulting in a loss of integrity. |
15689 | Mozilla Multiple Browser Install Object Arbitrary Code Execution |
15687 | Mozilla Multiple Browser Search Plugin Privileged Script Execution (Firesearc... |
15686 | Mozilla Link Tag favicons Privileged Script Execution (Firelinking) |
15685 | Mozilla setter Function New Page Persistent XSS |
15684 | Mozilla Blocked Javascript 'Show' Privileged Execution |
15682 | Mozilla Javascript RegEx String Replacement Arbitrary Memory Disclosure |
15241 | Mozilla Multiple Browser JavaScript Regex Parsing Information Disclosure |
15010 | Mozilla Drag and Drop Privileged XUL Loading (firescrolling 2) |
14198 | Mozilla Browsers Predictable Plugin Temp Directory Arbitrary File Deletion |
14197 | Mozilla Browsers XPCOM Scrollbar Arbitrary Code Execution Firefox contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when downloading a malformed HTML document that includes Firefox XPCOM code to perform actions that are triggered by scrollbar actions. It is possible that the flaw may allow writing to an arbitrary local file. |
14196 | Multiple Browser Authentication Prompt Tab Spoofing |
14194 | Mozilla Multiple Products 204 HTTP Response SSL Secure Site Spoofing |
14193 | Mozilla Browsers Content-Disposition Header Download Dialog Spoofing |
14191 | Mozilla Browsers Arbitrary XSLT Stylesheet Access |
14189 | Mozilla Multiple Products HTTP Connect Failure SSL secure site Spoofing |
14188 | Mozilla Multiple Products user: Install Source Spoofing |
14187 | Mozilla Multiple Products Incomplete Page Load SSL secure site Spoofing |
13612 | Multiple Browser -moz-opacity Configuration Modification |
13611 | Multiple Browser Dragged Link Cross Tab Scripting |
13578 | Mozilla Multiple Browser International Domain Name (IDN) Punycode Encoded Dom... |
13337 | Mozilla Multiple Products Clipboard Paste Operation Information Disclosure |
13335 | Mozilla Multiple Products Insecure Page Secure Binary Lock Icon Weakness |
12868 | Mozilla Modal Dialog Overlapping Issue |
12740 | Mozilla Browsers Download Source Spoofing |
11118 | Mozilla Multiple Products Downloaded File Content Disclosure |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Mozilla favicon href javascript execution attempt RuleID : 20814 - Revision : 10 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox Javascript Engine Information Disclosure attempt RuleID : 17415 - Revision : 11 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox Javascript Engine Information Disclosure attempt RuleID : 17414 - Revision : 14 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Products IDN Spoofing Vulnerability Attempt RuleID : 17409 - Revision : 12 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox plugin access control bypass attempt RuleID : 17265 - Revision : 13 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-384.nasl - Type : ACT_GATHER_INFO |
2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-386.nasl - Type : ACT_GATHER_INFO |
2006-07-05 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2005-601.nasl - Type : ACT_GATHER_INFO |
2006-07-05 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2005-383.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-157-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-155-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-149-3.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-134-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-124-1.nasl - Type : ACT_GATHER_INFO |
2005-10-24 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_016.nasl - Type : ACT_GATHER_INFO |
2005-09-12 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-246.nasl - Type : ACT_GATHER_INFO |
2005-09-12 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-249.nasl - Type : ACT_GATHER_INFO |
2005-08-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-781.nasl - Type : ACT_GATHER_INFO |
2005-07-22 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-601.nasl - Type : ACT_GATHER_INFO |
2005-07-21 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_106.nasl - Type : ACT_GATHER_INFO |
2005-07-21 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-604.nasl - Type : ACT_GATHER_INFO |
2005-07-21 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-606.nasl - Type : ACT_GATHER_INFO |
2005-07-18 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200507-17.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_45b75152ae5f11d9a7880001020eed82.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_b09119856e2a11d99557000a95bc6fae.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_cbfde1cd87eb11d9aa180001020eed82.nasl - Type : ACT_GATHER_INFO |
2005-05-19 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-248.nasl - Type : ACT_GATHER_INFO |
2005-05-17 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-088.nasl - Type : ACT_GATHER_INFO |
2005-04-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-384.nasl - Type : ACT_GATHER_INFO |
2005-04-28 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_028.nasl - Type : ACT_GATHER_INFO |
2005-04-27 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-386.nasl - Type : ACT_GATHER_INFO |
2005-04-21 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-383.nasl - Type : ACT_GATHER_INFO |
2005-04-19 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200504-18.nasl - Type : ACT_GATHER_INFO |
2005-04-16 | Name : A web browser installed on the remote host contains multiple vulnerabilities. File : mozilla_177.nasl - Type : ACT_GATHER_INFO |
2005-04-16 | Name : A web browser installed on the remote host contains multiple vulnerabilities. File : mozilla_firefox_103.nasl - Type : ACT_GATHER_INFO |
2005-04-12 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_022.nasl - Type : ACT_GATHER_INFO |
2005-03-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-323.nasl - Type : ACT_GATHER_INFO |
2005-03-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-335.nasl - Type : ACT_GATHER_INFO |
2005-03-25 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-336.nasl - Type : ACT_GATHER_INFO |
2005-03-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200503-32.nasl - Type : ACT_GATHER_INFO |
2005-03-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200503-31.nasl - Type : ACT_GATHER_INFO |
2005-03-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200503-30.nasl - Type : ACT_GATHER_INFO |
2005-03-23 | Name : A web browser installed on the remote host contains multiple vulnerabilities. File : mozilla_176.nasl - Type : ACT_GATHER_INFO |
2005-03-23 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_102.nasl - Type : ACT_GATHER_INFO |
2005-03-17 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-058.nasl - Type : ACT_GATHER_INFO |
2005-03-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200503-10.nasl - Type : ACT_GATHER_INFO |
2005-03-02 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-176.nasl - Type : ACT_GATHER_INFO |
2005-02-25 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_101.nasl - Type : ACT_GATHER_INFO |
2005-02-22 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-094.nasl - Type : ACT_GATHER_INFO |
2004-11-13 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_img.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:49:18 |
|