Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0908

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2004-0908
Last Modified 21 Aug 2010 12:21:27
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2004-0908

Summary

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins.

Vulnerable Systems

Application

  • Mozilla 0.8

  • Mozilla 0.9.2

  • Mozilla 0.9.2.1

  • Mozilla 0.9.3

  • Mozilla 0.9.35

  • Mozilla 0.9.4

  • Mozilla 0.9.4.1

  • Mozilla 0.9.48

  • Mozilla 0.9.5

  • Mozilla 0.9.6

  • Mozilla 0.9.7

  • Mozilla 0.9.8

  • Mozilla 0.9.9

  • Mozilla 1.0

  • Mozilla 1.0.1

  • Mozilla 1.0.2

  • Mozilla 1.1

  • Mozilla 1.2

  • Mozilla 1.2.1

  • Mozilla 1.3

  • Mozilla 1.3.1

  • Mozilla 1.4

  • Mozilla 1.4.1

  • Mozilla 1.4.2

  • Mozilla 1.4.4

  • Mozilla 1.5

  • Mozilla 1.5.1

  • Mozilla 1.6

  • Mozilla 1.7

  • Mozilla 1.7.1

  • Mozilla 1.7.2

  • Mozilla Thunderbird 0.1

  • Mozilla Thunderbird 0.2

  • Mozilla Thunderbird 0.3

  • Mozilla Thunderbird 0.4

  • Mozilla Thunderbird 0.5

  • Mozilla Thunderbird 0.6

  • Mozilla Thunderbird 0.7

  • Mozilla Thunderbird 0.7.1

  • Mozilla Thunderbird 0.7.2


References

CERT-VN - VU#460528

BID - 11179

SUSE - SUSE-SA:2004:036

FEDORA - FLSA:2089

CONFIRM - http://bugzilla.mozilla.org/show_bug.cgi?id=257523

XF - mozilla-shortcut-clipboard-access(17376)

CONFIRM - http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3

GENTOO - GLSA-200409-26

SECUNIA - 12526

HP - SSRT4826


Last Updated: 27 May 2016 10:38:48