CVE-2004-0764
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.2 Medium
AI Score
Confidence
Low
0.02 Low
EPSS
Percentile
88.8%
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the “chrome” flag and XML User Interface Language (XUL) files.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| mozilla:firefox | mozilla firefox | le | 0.9 |
| mozilla:mozilla | mozilla | le | 1.7 |
| mozilla:thunderbird | mozilla thunderbird | le | 0.7 |
References
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
bugzilla.mozilla.org/show_bug.cgi?id=244965
marc.info/?l=bugtraq&m=109900315219363&w=2
secunia.com/advisories/12188
www.kb.cert.org/vuls/id/262350
www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7
www.novell.com/linux/security/advisories/2004_36_mozilla.html
www.redhat.com/support/errata/RHSA-2004-421.html
www.securityfocus.com/bid/10832
www.securityfocus.com/bid/15495
exchange.xforce.ibmcloud.com/vulnerabilities/16837
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2418
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9419
Related
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.2 Medium
AI Score
Confidence
Low
0.02 Low
EPSS
Percentile
88.8%