Multiple "missing security checks" in Firefox before 1.0.3 allow remote attackers to inject arbitrary Javascript into privileged pages using the _search target of the Firefox sidebar.
http://secunia.com/advisories/14938
http://www.mozilla.org/security/announce/mfsa2005-39.html
http://www.redhat.com/support/errata/RHSA-2005-383.html
http://www.securityfocus.com/bid/13231
https://bugzilla.mozilla.org/show_bug.cgi?id=290079
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100019
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11734
Source: MITRE
Published: 2005-05-02
Updated: 2017-10-11
Type: NVD-CWE-Other
Base Score: 5
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Impact Score: 2.9
Exploitability Score: 10
Severity: MEDIUM
OR
cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
21929 | CentOS 4 : Firefox (CESA-2005:383) | Nessus | CentOS Local Security Checks | high |
20546 | Ubuntu 4.10 : mozilla-firefox vulnerabilities (USN-149-3) | Nessus | Ubuntu Local Security Checks | high |
20513 | Ubuntu 5.04 : mozilla-firefox, mozilla vulnerabilities (USN-124-1) | Nessus | Ubuntu Local Security Checks | high |
18277 | Mandrake Linux Security Advisory : mozilla (MDKSA-2005:088) | Nessus | Mandriva Local Security Checks | high |
18154 | SUSE-SA:2005:028: Mozilla. Mozilla Firefox | Nessus | SuSE Local Security Checks | high |
18109 | RHEL 4 : firefox (RHSA-2005:383) | Nessus | Red Hat Local Security Checks | high |
18064 | Firefox < 1.0.3 Multiple Vulnerabilities | Nessus | Windows | high |
2789 | Mozilla Firefox < 1.7.7 Multiple Vulnerabilities | Nessus Network Monitor | Web Clients | medium |
2789 | Mozilla Firefox < 1.7.7 Multiple Vulnerabilities | Nessus Network Monitor | Web Clients | medium |
2788 | Mozilla Firefox < 1.0.3 Multiple Vulnerabilities | Nessus Network Monitor | Web Clients | medium |
2788 | Mozilla Firefox < 1.0.3 Multiple Vulnerabilities | Nessus Network Monitor | Web Clients | medium |
801293 | Mozilla < 1.7.7 Multiple Vulnerabilities | Log Correlation Engine | Web Clients | high |
801293 | Mozilla < 1.7.7 Multiple Vulnerabilities | Log Correlation Engine | Web Clients | high |
800745 | Firefox < 1.0.3 Multiple Vulnerabilities | Log Correlation Engine | Web Clients | high |
800745 | Firefox < 1.0.3 Multiple Vulnerabilities | Log Correlation Engine | Web Clients | high |