CVE-2004-0762 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2004-0762
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2004-0762

Description: Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/16623 SUSE http://www.novell.com/linux/security/advisories/2004_36_mozilla.html SCO SAID Secunia Advisory: SA11999 REDHAT http://www.redhat.com/support/errata/RHSA-2004-421.html OVAL http://oval.mitre.org/oval/definitions/data/oval4403.html MISC http://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/ FULLDISC http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0264.html FEDORA http://marc.theaimsgroup.com/?l=bugtraq&m=109900315219363&w=2 CONFIRM http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7 http://bugzilla.mozilla.org/show_bug.cgi?id=162020 BID 15495

Return to the previous page.