2.6

CVE-2005-2268

Exploit
Firefox before 1.0.5 and Mozilla before 1.7.9 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MozillaFirefox Version0.8
MozillaFirefox Version0.9
MozillaFirefox Version0.9 Updaterc
MozillaFirefox Version0.9.1
MozillaFirefox Version0.9.2
MozillaFirefox Version0.9.3
MozillaFirefox Version0.10
MozillaFirefox Version0.10.1
MozillaFirefox Version1.0
MozillaFirefox Version1.0.1
MozillaFirefox Version1.0.2
MozillaFirefox Version1.0.3
MozillaFirefox Version1.0.4
MozillaMozilla Version1.3
MozillaMozilla Version1.4
MozillaMozilla Version1.4 Updatealpha
MozillaMozilla Version1.4.1
MozillaMozilla Version1.5
MozillaMozilla Version1.5 Updatealpha
MozillaMozilla Version1.5 Updaterc1
MozillaMozilla Version1.5 Updaterc2
MozillaMozilla Version1.5.1
MozillaMozilla Version1.6
MozillaMozilla Version1.6 Updatealpha
MozillaMozilla Version1.6 Updatebeta
MozillaMozilla Version1.7
MozillaMozilla Version1.7 Updatealpha
MozillaMozilla Version1.7 Updatebeta
MozillaMozilla Version1.7 Updaterc1
MozillaMozilla Version1.7 Updaterc2
MozillaMozilla Version1.7 Updaterc3
MozillaMozilla Version1.7.1
MozillaMozilla Version1.7.2
MozillaMozilla Version1.7.3
MozillaMozilla Version1.7.5
MozillaMozilla Version1.7.6
MozillaMozilla Version1.7.7
MozillaMozilla Version1.7.8
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.88% 0.85
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.6 4.9 2.9
AV:N/AC:H/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.debian.org/security/2005/dsa-810
http://www.novell.com/linux/security/advisories/2005_18_sr.html
http://www.novell.com/linux/security/advisories/2005_45_mozilla.html
http://www.redhat.com/support/errata/RHSA-2005-586.html
http://www.redhat.com/support/errata/RHSA-2005-587.html
http://www.securityfocus.com/bid/14242
http://www.vupen.com/english/advisories/2005/1075
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=160202
http://secunia.com/advisories/15489
Patch
Vendor Advisory
Exploit
http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test/
Exploit
http://www.mozilla.org/security/announce/mfsa2005-54.html
Patch
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100005
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10517
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1268
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1313