Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0591

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2005-0591
Last Modified 17 Jul 2013 12:39:20
Published 02 May 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-0591

Summary

Firefox before 1.0.1 allows remote attackers to spoof the (1) security and (2) download modal dialog boxes, which could be used to trick users into executing script or downloading and executing a file, aka "Firespoofing."

Vulnerable Systems

Application

  • Mozilla Firefox 0.10

  • Mozilla Firefox 0.10.1

  • Mozilla Firefox 0.8

  • Mozilla Firefox 0.9

  • Mozilla Firefox 0.9.1

  • Mozilla Firefox 0.9.2

  • Mozilla Firefox 0.9.3

  • Mozilla Firefox 1.0


References

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=260560

GENTOO - GLSA-200503-30

GENTOO - GLSA-200503-10

CONFIRM - http://www.mozilla.org/security/announce/mfsa2005-16.html

MISC - http://www.mikx.de/index.php?p=7

MISC - http://www.mikx.de/firespoofing/

BUGTRAQ - 20050111 Firespoofing [Firefox 1.0]

XF - web-browser-modal-spoofing(18864)

BID - 12234

REDHAT - RHSA-2005:384

REDHAT - RHSA-2005:176

SECUNIA - 13786


Last Updated: 27 May 2016 10:39:51