Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2707

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-2707
Last Modified 07 Mar 2011 09:24:55
Published 23 Sep 2005 03:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2707

Summary

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spawn windows without user interface components such as the address and status bar, which could be used to conduct spoofing or phishing attacks.

Vulnerable Systems

Application

  • Mozilla Firefox 1.0

  • Mozilla Firefox 1.0.1

  • Mozilla Firefox 1.0.2

  • Mozilla Firefox 1.0.3

  • Mozilla Firefox 1.0.4

  • Mozilla Firefox 1.0.5

  • Mozilla Firefox 1.0.6

  • Mozilla Suite 1.7.10

  • Mozilla Suite 1.7.11

  • Mozilla Suite 1.7.6

  • Mozilla Suite 1.7.7

  • Mozilla Suite 1.7.8


References

REDHAT - RHSA-2005:785

VUPEN - ADV-2005-1824

SUSE - SUSE-SA:2006:004

CONFIRM - http://www.mozilla.org/security/announce/mfsa2005-59.html

MANDRIVA - MDKSA-2005:170

MANDRIVA - MDKSA-2005:169

SECTRACK - 1014954

XF - mozilla-chrome-window-spoofing(22380)

BID - 15495

BID - 14919

REDHAT - RHSA-2005:791

REDHAT - RHSA-2005:789

FEDORA - FLSA-2006:168375

SUSE - SUSE-SA:2006:022

SUSE - SUSE-SA:2005:058

MANDRIVA - MDKSA-2005:174

DEBIAN - DSA-868

DEBIAN - DSA-866

DEBIAN - DSA-838

SECUNIA - 19823

SECUNIA - 17284

SECUNIA - 17263

SECUNIA - 17149

SECUNIA - 17090

SECUNIA - 17042

SECUNIA - 17026

SECUNIA - 17014

SECUNIA - 16977

SECUNIA - 16917

SECUNIA - 16911

SCO - SCOSA-2005.49


Last Updated: 27 May 2016 10:40:36