CVE-2005-0591
Firefox before 1.0.1 allows remote attackers to spoof the (1) security and (2) download modal dialog boxes, which could be used to trick users into executing script or downloading and executing a file, aka "Firespoofing."
| Software | From | Fixed in |
|---|---|---|
| mozilla / firefox | 0.8 | 0.8.x |
| mozilla / firefox | 0.9.1 | 0.9.1.x |
| mozilla / firefox | 0.10.1 | 0.10.1.x |
| mozilla / firefox | 0.9 | 0.9.x |
| mozilla / firefox | 1.0 | 1.0.x |
| mozilla / firefox | 0.9.3 | 0.9.3.x |
| mozilla / firefox | 0.9.2 | 0.9.2.x |
| mozilla / firefox | 0.9-rc | 0.9-rc.x |
| mozilla / firefox | 0.10 | 0.10.x |
- http://marc.info/?l=bugtraq&m=110547286002188&w=2
- http://secunia.com/advisories/13786
- http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml
- http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml
- http://www.mikx.de/firespoofing/
- http://www.mikx.de/index.php?p=7
- http://www.mozilla.org/security/announce/mfsa2005-16.html
- http://www.redhat.com/support/errata/RHSA-2005-176.html
- http://www.redhat.com/support/errata/RHSA-2005-384.html
- http://www.securityfocus.com/bid/12234
- https://bugzilla.mozilla.org/show_bug.cgi?id=260560
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18864
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100042
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10039
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime