Lucene search
Mozilla FoundationMFSA2008-08HistoryFeb 07, 2008 - 12:00 a.m.
File action dialog tampering — Mozilla
2008-02-0700:00:00
Mozilla Foundation
www.mozilla.org
24
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS
0.083
Percentile
94.4%
Security researcher Michal Zalewski demonstrated that timer-enabled security dialogs can be subverted by attackers using JavaScript to change the window focus. Zalewski showed that a user could be tricked into confirming a security dialog of this type by bringing the dialog back into focus right before a user clicked in a predictable time and place.
Affected configurations
Node
mozillafirefoxRange<2.0.0.12
Related
veracode
veracode
Information Disclosure
2020-04-10 00:19:48
nvd
nvd
CVE-2008-0591
2008-02-09 00:00:00
CVE-2007-3090
2007-06-06 21:30:00
cve
cve
CVE-2008-0591
2008-02-09 00:00:00
CVE-2007-3090
2007-06-06 21:30:00
prion
prion
Design/Logic Flaw
2008-02-09 00:00:00
Design/Logic Flaw
2007-06-06 21:30:00
cvelist
cvelist
CVE-2008-0591
2008-02-08 23:00:00
ubuntucve
ubuntucve
CVE-2008-0591
2008-02-09 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2008-08
2008-02-10 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulonerabilities
2008-02-11 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2008:062)
2009-04-23 00:00:00
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : mozilla-thunderbird, thunderbird vulnerabilities (USN-582-1)
2008-03-04 00:00:00
Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
osv
osv
icedove - several vulnerabilities
2008-02-10 00:00:00
openvas
openvas
Mandriva Update for mozilla-thunderbird MDVSA-2008:062 (mozilla-thunderbird)
2009-04-09 00:00:00
Mandriva Update for mozilla-thunderbird MDVSA-2008:062 (mozilla-thunderbird)
2009-04-09 00:00:00
Ubuntu: Security Advisory (USN-582-1)
2009-03-23 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2008-02-29 00:00:00
redhat
redhat
(RHSA-2008:0105) Critical: thunderbird security update
2008-02-07 00:00:00
(RHSA-2008:0103) Critical: firefox security update
2008-02-07 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: thunderbird-2.0.0.12-1.fc8
2008-02-28 21:38:54
[SECURITY] Fedora 8 Update: seamonkey-1.1.8-1.fc8
2008-02-13 04:53:43
[SECURITY] Fedora 7 Update: thunderbird-2.0.0.12-1.fc7
2008-02-28 21:46:05
oraclelinux
oraclelinux
Moderate: thunderbird security update
2008-02-08 00:00:00
Critical: firefox security update
2008-02-08 00:00:00
centos
centos
thunderbird security update
2008-02-08 19:19:22
firefox security update
2008-02-08 19:18:05
seamonkey security update
2008-02-11 00:20:26
seebug
seebug
Mozilla Thunderbird/Seamonkey/Firefox 2.0.0.12修复多个安全漏洞
2008-02-22 00:00:00
debian
debian
[SECURITY] [DSA 1506-2] New iceape packages fix regression
2008-03-20 01:41:06
[SECURITY] [DSA 1506-1] New iceape packages fix several vulnerabilities
2008-02-24 12:30:41
[SECURITY] [DSA 1484-1] New xulrunner packages fix several vulnerabilities
2008-02-10 20:23:48
suse
suse
remote code execution in MozillaFirefox,seamonkey
2008-02-15 17:07:07
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS
0.083
Percentile
94.4%
Related for MFSA2008-08