Oval Definition:	oval:org.mitre.oval:def:100015
Revision Date: 2007-03-21 Version: 5 Title: Mozilla JavaScript Wrapping Vulnerability Description: Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript: URLs, as demonstrated using (1) a javascript: URL in a view-source: URL, (2) a javascript: URL in a jar: URL, or (3) "a nested variant." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2005-1531 Platform(s): Microsoft Windows 2000 Microsoft Windows NT Microsoft Windows Server 2003 Microsoft Windows XP Product(s): mozilla Mozilla Firefox Definition Synopsis Mozilla Firefox version 1.0.3 or earlier is installed Firefox version 1.0.3 or earlier is installed AND Mozilla Firefox version 1.0.3 or earlier is installed OR Mozilla Suite version 1.7.7 or earlier is installed Mozilla Suite version 1.7.7 or earlier is installed AND Mozilla Suite version 1.7.7 or earlier is installed
BACK