CVE-2004-0907

EPSS 0.1%
Published 31.12.2004 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

The Linux install .tar.gz archives for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8, create certain files with insecure permissions, which could allow local users to overwrite those files and execute arbitrary code.

Affected products Warnungen 0 Metrics 2 CWE 0 References 7

Data is provided by the National Vulnerability Database (NVD)

Mozilla ≫ Mozilla Version0.8

Mozilla ≫ Mozilla Version0.9.2

Mozilla ≫ Mozilla Version0.9.2.1

Mozilla ≫ Mozilla Version0.9.3

Mozilla ≫ Mozilla Version0.9.4

Mozilla ≫ Mozilla Version0.9.4.1

Mozilla ≫ Mozilla Version0.9.5

Mozilla ≫ Mozilla Version0.9.6

Mozilla ≫ Mozilla Version0.9.7

Mozilla ≫ Mozilla Version0.9.8

Mozilla ≫ Mozilla Version0.9.9

Mozilla ≫ Mozilla Version0.9.35

Mozilla ≫ Mozilla Version0.9.48

Mozilla ≫ Mozilla Version1.0

Mozilla ≫ Mozilla Version1.0 Updaterc1

Mozilla ≫ Mozilla Version1.0 Updaterc2

Mozilla ≫ Mozilla Version1.0.1

Mozilla ≫ Mozilla Version1.0.2

Mozilla ≫ Mozilla Version1.1

Mozilla ≫ Mozilla Version1.1 Updatealpha

Mozilla ≫ Mozilla Version1.1 Updatebeta

Mozilla ≫ Mozilla Version1.2

Mozilla ≫ Mozilla Version1.2 Updatealpha

Mozilla ≫ Mozilla Version1.2 Updatebeta

Mozilla ≫ Mozilla Version1.2.1

Mozilla ≫ Mozilla Version1.3

Mozilla ≫ Mozilla Version1.3.1

Mozilla ≫ Mozilla Version1.4

Mozilla ≫ Mozilla Version1.4 Updatealpha

Mozilla ≫ Mozilla Version1.4 Updatebeta

Mozilla ≫ Mozilla Version1.4.1

Mozilla ≫ Mozilla Version1.4.2

Mozilla ≫ Mozilla Version1.4.4

Mozilla ≫ Mozilla Version1.5

Mozilla ≫ Mozilla Version1.5.1

Mozilla ≫ Mozilla Version1.6

Mozilla ≫ Mozilla Version1.7

Mozilla ≫ Mozilla Version1.7 Updatealpha

Mozilla ≫ Mozilla Version1.7 Updatebeta

Mozilla ≫ Mozilla Version1.7 Updaterc1

Mozilla ≫ Mozilla Version1.7 Updaterc2

Mozilla ≫ Mozilla Version1.7 Updaterc3

Mozilla ≫ Mozilla Version1.7.1

Mozilla ≫ Mozilla Version1.7.2

Mozilla ≫ Thunderbird Version0.1

Mozilla ≫ Thunderbird Version0.2

Mozilla ≫ Thunderbird Version0.3

Mozilla ≫ Thunderbird Version0.4

Mozilla ≫ Thunderbird Version0.5

Mozilla ≫ Thunderbird Version0.6

Mozilla ≫ Thunderbird Version0.7

Mozilla ≫ Thunderbird Version0.7.1

Mozilla ≫ Thunderbird Version0.7.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.1%	0.276

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

http://security.gentoo.org/glsa/glsa-200409-26.xml

http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3

http://bugzilla.mozilla.org/show_bug.cgi?id=254303

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/17373

https://nvd.nist.gov/vuln/detail/CVE-2004-0907

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-0907

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-0907

EUVD