CVE-2004-0909

Exploit

EPSS 6.56%
Published 31.12.2004 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 may allow remote attackers to trick users into performing unexpected actions, including installing software, via signed scripts that request enhanced abilities using the enablePrivilege parameter, then modify the meaning of certain security-relevant dialog messages.

Affected products Warnungen 0 Metrics 2 CWE 0 References 11

Data is provided by the National Vulnerability Database (NVD)

Mozilla ≫ Mozilla Version0.8

Mozilla ≫ Mozilla Version0.9.2

Mozilla ≫ Mozilla Version0.9.2.1

Mozilla ≫ Mozilla Version0.9.3

Mozilla ≫ Mozilla Version0.9.4

Mozilla ≫ Mozilla Version0.9.4.1

Mozilla ≫ Mozilla Version0.9.5

Mozilla ≫ Mozilla Version0.9.6

Mozilla ≫ Mozilla Version0.9.7

Mozilla ≫ Mozilla Version0.9.8

Mozilla ≫ Mozilla Version0.9.9

Mozilla ≫ Mozilla Version0.9.35

Mozilla ≫ Mozilla Version0.9.48

Mozilla ≫ Mozilla Version1.0

Mozilla ≫ Mozilla Version1.0 Updaterc1

Mozilla ≫ Mozilla Version1.0 Updaterc2

Mozilla ≫ Mozilla Version1.0.1

Mozilla ≫ Mozilla Version1.0.2

Mozilla ≫ Mozilla Version1.1

Mozilla ≫ Mozilla Version1.1 Updatealpha

Mozilla ≫ Mozilla Version1.1 Updatebeta

Mozilla ≫ Mozilla Version1.2

Mozilla ≫ Mozilla Version1.2 Updatealpha

Mozilla ≫ Mozilla Version1.2 Updatebeta

Mozilla ≫ Mozilla Version1.2.1

Mozilla ≫ Mozilla Version1.3

Mozilla ≫ Mozilla Version1.3.1

Mozilla ≫ Mozilla Version1.4

Mozilla ≫ Mozilla Version1.4 Updatealpha

Mozilla ≫ Mozilla Version1.4 Updatebeta

Mozilla ≫ Mozilla Version1.4.1

Mozilla ≫ Mozilla Version1.4.2

Mozilla ≫ Mozilla Version1.4.4

Mozilla ≫ Mozilla Version1.5

Mozilla ≫ Mozilla Version1.5.1

Mozilla ≫ Mozilla Version1.6

Mozilla ≫ Mozilla Version1.7

Mozilla ≫ Mozilla Version1.7 Updatealpha

Mozilla ≫ Mozilla Version1.7 Updatebeta

Mozilla ≫ Mozilla Version1.7 Updaterc1

Mozilla ≫ Mozilla Version1.7 Updaterc2

Mozilla ≫ Mozilla Version1.7 Updaterc3

Mozilla ≫ Mozilla Version1.7.1

Mozilla ≫ Mozilla Version1.7.2

Mozilla ≫ Thunderbird Version0.1

Mozilla ≫ Thunderbird Version0.2

Mozilla ≫ Thunderbird Version0.3

Mozilla ≫ Thunderbird Version0.4

Mozilla ≫ Thunderbird Version0.5

Mozilla ≫ Thunderbird Version0.6

Mozilla ≫ Thunderbird Version0.7

Mozilla ≫ Thunderbird Version0.7.1

Mozilla ≫ Thunderbird Version0.7.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	6.56%	0.907

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.1	4.9	6.4	AV:N/AC:H/Au:N/C:P/I:P/A:P

http://www.novell.com/linux/security/advisories/2004_36_mozilla.html

Vendor Advisory

http://marc.info/?l=bugtraq&m=109698896104418&w=2

http://security.gentoo.org/glsa/glsa-200409-26.xml

http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3

http://secunia.com/advisories/12526

http://bugzilla.mozilla.org/show_bug.cgi?id=253942

Exploit

http://www.kb.cert.org/vuls/id/113192

Third Party Advisory

US Government Resource

https://exchange.xforce.ibmcloud.com/vulnerabilities/17377

https://nvd.nist.gov/vuln/detail/CVE-2004-0909

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-0909

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-0909

EUVD