Oval Definition:	oval:org.mitre.oval:def:100032
Revision Date: 2007-05-09 Version: 5 Title: Mozilla Cross-site Scripting via Drag and Drop to Tab Description: Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2005-0231 Platform(s): Microsoft Windows 2000 Microsoft Windows NT Microsoft Windows Server 2003 Microsoft Windows XP Product(s): mozilla Mozilla Firefox Definition Synopsis Mozilla Firefox version 1.0 or earlier is installed Firefox version 1.0 or earlier is installed AND Mozilla Firefox version 1.0 or earlier is installed OR Mozilla Suite version 1.7.5 or earlier is installed Mozilla Suite version 1.7.5 or earlier is installed AND Mozilla Suite version 1.7.5 or earlier is installed
BACK