Lucene search

Tenable2671.PRM

HistoryMar 04, 2005 - 12:00 a.m.

Mozilla Firefox < 1.7.6 Multiple Vulnerabilities

2005-03-0400:00:00

Tenable

www.tenable.com

JSON

stripped_description=Versions of Mozilla Firefox prior to 1.7.6 are affected by the following vulnerabilities :

There is a flaw in the way that the browser handles scripting within ‘tabbed’ cross-domains. An attacker exploiting this flaw would need to be able to convince a user to click on a malicious URL which would then open a separate ‘TAB’ within the browser. The attacker could then retrieve data relevant to other tabbed connections or execute code locally.
There is a flaw in the default ‘about: config’ script that would allow an attacker to modify configuration data. In order to execute such an attack, the attacker would need to be able to entice the user into visiting or clicking on a malicious URL. A successful attacker would be able to modify the local configuration file, resulting in enhanced access rights or other potential exploits. In addition, there are other unconfirmed flaws in Mozilla version 1.7.5 and lower.

Binary data 2671.prm

VendorProductVersionCPE
mozillafirefoxcpe:/a:mozilla:firefox

Vendor	Product	Version	CPE
mozilla	firefox		cpe:/a:mozilla:firefox

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0597

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0599

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0718

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0722

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0757

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0758

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0759

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0760

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0761

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0762

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0763

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0764

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0231

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0232

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0255

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0399

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0401

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0402

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0578

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0584

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0585

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0586

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0587

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0588

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0589

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0590

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0592

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0593

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0752

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0989

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1153

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1154

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1155

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1156

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1157

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1159

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1160

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1476

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1477

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1531

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1532

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2701

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2702

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2703

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2704

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2705

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2706

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2707

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2968

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4809

www.mozilla.org/security

JSON