Oval Definition:oval:org.mitre.oval:def:9650
Revision Date:2013-04-29Version:11
Title:The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
Description:FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-2005-0527, aka "Firescrolling 2."
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2005-0401
Platform(s):CentOS Linux 3
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
Product(s):
Definition Synopsis
  • OS Section: RHEL3, CentOS3
  • RHEL3 or CentOS3
  • The operating system installed on the system is Red Hat Enterprise Linux 3
  • OR CentOS Linux 3.x
  • AND Configuration section
  • mozilla-js-debugger is earlier than 37:1.7.7-1.1.3.4
  • OR mozilla is earlier than 37:1.7.7-1.1.3.4
  • OR mozilla-chat is earlier than 37:1.7.7-1.1.3.4
  • OR mozilla-mail is earlier than 37:1.7.7-1.1.3.4
  • OR mozilla-dom-inspector is earlier than 37:1.7.7-1.1.3.4
  • OR mozilla-devel is earlier than 37:1.7.7-1.1.3.4
  • OR mozilla-nss is earlier than 37:1.7.7-1.1.3.4
  • OR mozilla-nss-devel is earlier than 37:1.7.7-1.1.3.4
  • OR mozilla-nspr is earlier than 37:1.7.7-1.1.3.4
  • OR mozilla-nspr-devel is earlier than 37:1.7.7-1.1.3.4
  • OR OS Section: RHEL4, CentOS4, Oracle Linux 4
  • RHEL4, CentOS4 or Oracle Linux 4
  • The operating system installed on the system is Red Hat Enterprise Linux 4
  • OR CentOS Linux 4.x
  • OR Oracle Linux 4.x
  • AND Configuration section
  • mozilla-js-debugger is earlier than 37:1.7.6-1.4.1
  • OR devhelp-devel is earlier than 0:0.9.2-2.4.3
  • OR mozilla is earlier than 37:1.7.6-1.4.1
  • OR mozilla-chat is earlier than 37:1.7.6-1.4.1
  • OR mozilla-mail is earlier than 37:1.7.6-1.4.1
  • OR mozilla-dom-inspector is earlier than 37:1.7.6-1.4.1
  • OR devhelp is earlier than 0:0.9.2-2.4.3
  • OR mozilla-nss is earlier than 37:1.7.6-1.4.1
  • OR evolution is earlier than 0:2.0.2-14
  • OR mozilla-devel is earlier than 37:1.7.6-1.4.1
  • OR mozilla-nss-devel is earlier than 37:1.7.6-1.4.1
  • OR firefox is earlier than 0:1.0.2-1.4.1
  • OR mozilla-nspr is earlier than 37:1.7.6-1.4.1
  • OR mozilla-nspr-devel is earlier than 37:1.7.6-1.4.1
  • OR evolution-devel is earlier than 0:2.0.2-14
    • BACK