oval:org.mitre.oval:def:100041

Definition Id: oval:org.mitre.oval:def:100041

Oval ID:	oval:org.mitre.oval:def:100041
Title:	Mozilla 'user:pass@host' Spoofing Vulnerability
Description:	The installation confirmation dialog in Firefox before 1.0.1, Thunderbird before 1.0.1, and Mozilla before 1.7.6 allows remote attackers to use InstallTrigger to spoof the hostname of the host performing the installation via a long "user:pass" sequence in the URL, which appears before the real hostname.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2005-0590	Version:	5
Platform(s):	Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003	Product(s):	mozilla Mozilla Firefox Mozilla Thunderbird
Definition Synopsis:
Mozilla Firefox version 1.0 or earlier is installed Firefox version 1.0 or earlier is installed AND Mozilla Firefox version 1.0 or earlier is installed OR Mozilla Thunderbird version 1.0 or earlier is installed Mozilla Thunderbird version 1.0 or earlier is installed AND Mozilla Thunderbird version 1.0 or earlier is installed OR Mozilla Suite version 1.7.5 or earlier is installed Mozilla Suite version 1.7.5 or earlier is installed AND Mozilla Suite version 1.7.5 or earlier is installed