CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
88.8%
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the “chrome” flag and XML User Interface Language (XUL) files.
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
bugzilla.mozilla.org/show_bug.cgi?id=244965
marc.info/?l=bugtraq&m=109900315219363&w=2
secunia.com/advisories/12188
www.kb.cert.org/vuls/id/262350
www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7
www.novell.com/linux/security/advisories/2004_36_mozilla.html
www.redhat.com/support/errata/RHSA-2004-421.html
www.securityfocus.com/bid/10832
www.securityfocus.com/bid/15495
exchange.xforce.ibmcloud.com/vulnerabilities/16837
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2418
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9419