Executive Summary
Summary | |
---|---|
Title | Firefox vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-134-1 | First vendor Publication | 2005-05-26 |
Vendor | Ubuntu | Last vendor Modification | 2005-05-26 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 5.04 (Hoary Hedgehog) The following packages are affected: mozilla-firefox The problem can be corrected by upgrading the affected package to version 1.0.2-0ubuntu5.3. After doing a standard system upgrade you need to restart Firefox to effect the necessary changes. Details follow: It was discovered that a malicious website could inject arbitrary scripts into a target site by loading it into a frame and navigating back to a previous Javascript URL that contained an eval() call. This could be used to steal cookies or other confidential data from the target site. If the target site is allowed to raise the install confirmation dialog in Firefox then this flaw even allowed the malicious site to execute arbitrary code with the privileges of the Firefox user. By default only the Mozilla Update site is allowed to attempt software installation; however, users can permit this for additional sites. (MFSA 2005-42) Michael Krax, Georgi Guninski, and L. David Baron found that the security checks that prevent script injection could be bypassed by wrapping a javascript: url in another pseudo-protocol like "view-source:" or "jar:". (CAN-2005-1531) A variant of the attack described in CAN-2005-1160 (see USN-124-1) was discovered. Additional checks were added to make sure Javascript eval and Script objects are run with the privileges of the context that created them, not the potentially elevated privilege of the context calling them. (CAN-2005-1532) Note: These flaws also apply to Ubuntu 5.04's Mozilla, and to the Ubuntu 4.10 versions of Firefox and Mozilla. These will be fixed soon. |
Original Source
Url : http://www.ubuntu.com/usn/USN-134-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:100014 | |||
Oval ID: | oval:org.mitre.oval:def:100014 | ||
Title: | Mozilla Script Privilege Context Vulnerabilities | ||
Description: | Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CVE-2005-1160. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-1532 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100015 | |||
Oval ID: | oval:org.mitre.oval:def:100015 | ||
Title: | Mozilla JavaScript Wrapping Vulnerability | ||
Description: | Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript: URLs, as demonstrated using (1) a javascript: URL in a view-source: URL, (2) a javascript: URL in a jar: URL, or (3) "a nested variant." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-1531 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:100017 | |||
Oval ID: | oval:org.mitre.oval:def:100017 | ||
Title: | Mozilla DOM Node Privilege Escalation Vulnerability | ||
Description: | The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-1160 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2008-01-17 | Name : Debian Security Advisory DSA 781-1 (mozilla-thunderbird) File : nvt/deb_781_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
16605 | Mozilla Javascript eval / Script Object Non-DOM Property Override Privilege E... |
16576 | Mozilla Wrapped javascript: URL Restriction Bypass |
15690 | Mozilla Multiple Browser DOM Property Override Privilege Escalation Multiple browser contains a flaw that may allow a remote attacker to gain access to unauthorized privileges. The issue is triggered due to improper validation of privileged 'chrome' UI code in DOM nodes. By creating a malicious script and tricking a victim to open the script or the context menu, a remote attacker could override properties and methods of DOM nodes and execute arbitrary code, resulting in a loss of integrity. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Mozilla favicon href javascript execution attempt RuleID : 20814 - Revision : 10 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox JavaScript eval arbitrary code execution attempt RuleID : 17212 - Revision : 14 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-384.nasl - Type : ACT_GATHER_INFO |
2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-386.nasl - Type : ACT_GATHER_INFO |
2006-07-05 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2005-434.nasl - Type : ACT_GATHER_INFO |
2006-07-05 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2005-601.nasl - Type : ACT_GATHER_INFO |
2006-07-05 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2005-383.nasl - Type : ACT_GATHER_INFO |
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-435.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-157-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-155-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-149-3.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-134-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-124-1.nasl - Type : ACT_GATHER_INFO |
2005-08-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-781.nasl - Type : ACT_GATHER_INFO |
2005-07-22 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-601.nasl - Type : ACT_GATHER_INFO |
2005-07-21 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-604.nasl - Type : ACT_GATHER_INFO |
2005-07-21 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-606.nasl - Type : ACT_GATHER_INFO |
2005-07-21 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_106.nasl - Type : ACT_GATHER_INFO |
2005-06-10 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_030.nasl - Type : ACT_GATHER_INFO |
2005-05-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-435.nasl - Type : ACT_GATHER_INFO |
2005-05-28 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-434.nasl - Type : ACT_GATHER_INFO |
2005-05-17 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-088.nasl - Type : ACT_GATHER_INFO |
2005-05-12 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_104.nasl - Type : ACT_GATHER_INFO |
2005-05-12 | Name : A web browser installed on the remote host contains multiple vulnerabilities. File : mozilla_178.nasl - Type : ACT_GATHER_INFO |
2005-04-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-384.nasl - Type : ACT_GATHER_INFO |
2005-04-28 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_028.nasl - Type : ACT_GATHER_INFO |
2005-04-27 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-386.nasl - Type : ACT_GATHER_INFO |
2005-04-21 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-383.nasl - Type : ACT_GATHER_INFO |
2005-04-19 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200504-18.nasl - Type : ACT_GATHER_INFO |
2005-04-16 | Name : A web browser installed on the remote host contains multiple vulnerabilities. File : mozilla_177.nasl - Type : ACT_GATHER_INFO |
2005-04-16 | Name : A web browser installed on the remote host contains multiple vulnerabilities. File : mozilla_firefox_103.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:59:34 |
|