CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
69.3%
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins.
Vendor | Product | Version | CPE |
---|---|---|---|
mozilla | mozilla | 0.8 | cpe:2.3:a:mozilla:mozilla:0.8:*:*:*:*:*:*:* |
mozilla | mozilla | 0.9.2 | cpe:2.3:a:mozilla:mozilla:0.9.2:*:*:*:*:*:*:* |
mozilla | mozilla | 0.9.2.1 | cpe:2.3:a:mozilla:mozilla:0.9.2.1:*:*:*:*:*:*:* |
mozilla | mozilla | 0.9.3 | cpe:2.3:a:mozilla:mozilla:0.9.3:*:*:*:*:*:*:* |
mozilla | mozilla | 0.9.4 | cpe:2.3:a:mozilla:mozilla:0.9.4:*:*:*:*:*:*:* |
mozilla | mozilla | 0.9.4.1 | cpe:2.3:a:mozilla:mozilla:0.9.4.1:*:*:*:*:*:*:* |
mozilla | mozilla | 0.9.5 | cpe:2.3:a:mozilla:mozilla:0.9.5:*:*:*:*:*:*:* |
mozilla | mozilla | 0.9.6 | cpe:2.3:a:mozilla:mozilla:0.9.6:*:*:*:*:*:*:* |
mozilla | mozilla | 0.9.7 | cpe:2.3:a:mozilla:mozilla:0.9.7:*:*:*:*:*:*:* |
mozilla | mozilla | 0.9.8 | cpe:2.3:a:mozilla:mozilla:0.9.8:*:*:*:*:*:*:* |
bugzilla.mozilla.org/show_bug.cgi?id=257523
marc.info/?l=bugtraq&m=109698896104418&w=2
marc.info/?l=bugtraq&m=109900315219363&w=2
secunia.com/advisories/12526
security.gentoo.org/glsa/glsa-200409-26.xml
www.kb.cert.org/vuls/id/460528
www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3
www.novell.com/linux/security/advisories/2004_36_mozilla.html
www.securityfocus.com/bid/11179
exchange.xforce.ibmcloud.com/vulnerabilities/17376
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9745