Lucene search

K
freebsdFreeBSD810A5197-E0D9-11DC-891A-02061B08FC24
HistoryFeb 07, 2008 - 12:00 a.m.

mozilla -- multiple vulnerabilities

2008-02-0700:00:00
vuxml.freebsd.org
23

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.162 Low

EPSS

Percentile

95.9%

The Mozilla Foundation reports of multiple security issues
in Firefox, Seamonkey, and Thunderbird. Several of these
issues can probably be used to run arbitrary code with the
privilege of the user running the program.

Web forgery overwrite with div overlay
URL token stealing via stylesheet redirect
Mishandling of locally-saved plain text files
File action dialog tampering
Possible information disclosure in BMP decoder
Web browsing history and forward navigation stealing
Directory traversal via chrome: URI
Stored password corruption
Privilege escalation, XSS, Remote Code Execution
Multiple file input focus stealing vulnerabilities
Crashes with evidence of memory corruption (rv:1.8.1.12)

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.162 Low

EPSS

Percentile

95.9%