MitreCVE-2004-0762CVE-2004-0762
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
84.2%
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box.
Affected configurations
References
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
archives.neohapsis.com/archives/fulldisclosure/2004-07/0264.html
bugzilla.mozilla.org/show_bug.cgi?id=162020
marc.info/?l=bugtraq&m=109900315219363&w=2
secunia.com/advisories/11999/
www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7
www.novell.com/linux/security/advisories/2004_36_mozilla.html
www.redhat.com/support/errata/RHSA-2004-421.html
www.securityfocus.com/bid/15495
www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/
exchange.xforce.ibmcloud.com/vulnerabilities/16623
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10032
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4403
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
84.2%