| Vulnerability Name: | CVE-2005-0591 (CCN-18864) | ||||||||||||||||||||
| Assigned: | 2005-01-12 | ||||||||||||||||||||
| Published: | 2005-01-12 | ||||||||||||||||||||
| Updated: | 2017-10-11 | ||||||||||||||||||||
| Summary: | Firefox before 1.0.1 allows remote attackers to spoof the (1) security and (2) download modal dialog boxes, which could be used to trick users into executing script or downloading and executing a file, aka "Firespoofing." | ||||||||||||||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||||||||||||||
| CVSS v2 Severity: | 2.6 Low (CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)
| ||||||||||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||||||||||
| Vulnerability Consequences: | Other | ||||||||||||||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Mon Jan 10 2005 - 17:22:09 CST Firespoofing [Firefox 1.0] Source: MITRE Type: CNA CVE-2004-1380 Source: MITRE Type: CNA CVE-2005-0591 Source: BUGTRAQ Type: UNKNOWN 20050111 Firespoofing [Firefox 1.0] Source: CCN Type: RHSA-2005-176 firefox security update Source: CCN Type: RHSA-2005-323 mozilla security update Source: CCN Type: RHSA-2005-335 mozilla security update Source: CCN Type: RHSA-2005-384 Mozilla security update Source: CCN Type: SA12712 Mozilla / Mozilla Firefox / Camino Tabbed Browsing Vulnerabilities Source: CCN Type: SA13786 Mozilla / Mozilla Firefox Dialog Overlapping Weakness Source: SECUNIA Type: UNKNOWN 13786 Source: CCN Type: CIAC INFORMATION BULLETIN P-149 Firefox Security Update Source: CCN Type: CIAC INFORMATION BULLETIN P-168 Mozilla Security Update Source: CCN Type: GLSA-200503-10 Mozilla Firefox: Various vulnerabilities Source: GENTOO Type: Patch, Vendor Advisory GLSA-200503-10 Source: CCN Type: GLSA-200503-30 Mozilla Suite: Multiple vulnerabilities Source: GENTOO Type: Patch, Vendor Advisory GLSA-200503-30 Source: MISC Type: Exploit http://www.mikx.de/firespoofing/ Source: MISC Type: Vendor Advisory http://www.mikx.de/index.php?p=7 Source: CONFIRM Type: UNKNOWN http://www.mozilla.org/security/announce/mfsa2005-16.html Source: REDHAT Type: UNKNOWN RHSA-2005:176 Source: REDHAT Type: UNKNOWN RHSA-2005:384 Source: BID Type: UNKNOWN 12234 Source: CCN Type: BID-12234 Mozilla/Netscape/Firefox Browser Modal Dialog Spoofing Vulnerability Source: CCN Type: USN-149-3 Ubuntu 4.10 update for Firefox vulnerabilities Source: CONFIRM Type: Patch https://bugzilla.mozilla.org/show_bug.cgi?id=260560 Source: XF Type: UNKNOWN web-browser-modal-spoofing(18864) Source: XF Type: UNKNOWN web-browser-modal-spoofing(18864) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:100042 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:10039 | ||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration RedHat 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||
| |||||||||||||||||||||
| BACK | |||||||||||||||||||||