Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 may allow remote attackers to trick users into performing unexpected actions, including installing software, via signed scripts that request enhanced abilities using the enablePrivilege parameter, then modify the meaning of certain security-relevant dialog messages.
References
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:49
Type | Values Removed | Values Added |
---|---|---|
References | () http://bugzilla.mozilla.org/show_bug.cgi?id=253942 - Exploit | |
References | () http://marc.info/?l=bugtraq&m=109698896104418&w=2 - | |
References | () http://secunia.com/advisories/12526 - | |
References | () http://security.gentoo.org/glsa/glsa-200409-26.xml - | |
References | () http://www.kb.cert.org/vuls/id/113192 - Third Party Advisory, US Government Resource | |
References | () http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3 - | |
References | () http://www.novell.com/linux/security/advisories/2004_36_mozilla.html - Vendor Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/17377 - |
Information
Published : 2004-12-31 05:00
Updated : 2024-11-20 23:49
NVD link : CVE-2004-0909
Mitre link : CVE-2004-0909
CVE.ORG link : CVE-2004-0909
JSON object : View
Products Affected
mozilla
- mozilla
- thunderbird
CWE