CVE-2005-1937 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2005-1937
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-1937

Description: A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary Javascript from one page into the frameset of another site, aka the frame injection spoofing vulnerability, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2004-0718.

CVE Status: Candidate

References: SUSE http://www.novell.com/linux/security/advisories/2005_18_sr.html http://www.novell.com/linux/security/advisories/2005_45_mozilla.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-101952-1 SAID Secunia Advisory: SA15601 REDHAT http://www.redhat.com/support/errata/RHSA-2005-587.html http://www.redhat.com/support/errata/RHSA-2005-586.html OVAL http://oval.mitre.org/oval/definitions/data/oval100007.html http://oval.mitre.org/oval/definitions/data/oval759.html http://oval.mitre.org/oval/definitions/data/oval637.html MISC http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/ FEDORA DEBIAN http://www.debian.org/security/2005/dsa-810 http://www.debian.org/security/2005/dsa-777 CONFIRM http://www.mozilla.org/security/announce/mfsa2005-51.html BID 14242

Return to the previous page.