CVE-2004-0764

high

Description

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9419

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2418

https://exchange.xforce.ibmcloud.com/vulnerabilities/16837

http://www.securityfocus.com/bid/15495

http://www.securityfocus.com/bid/10832

http://www.redhat.com/support/errata/RHSA-2004-421.html

http://www.novell.com/linux/security/advisories/2004_36_mozilla.html

http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7

http://www.kb.cert.org/vuls/id/262350

http://secunia.com/advisories/12188

http://marc.info/?l=bugtraq&m=109900315219363&w=2

http://bugzilla.mozilla.org/show_bug.cgi?id=244965

Details

Source: Mitre, NVD

Published: 2004-08-18

Updated: 2025-04-03

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 8.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Severity: High

EPSS

EPSS: 0.0254

Detections

Analytics