SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CVE

CVE-2004-0908

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.0
Exploit Score: 4.9
Impact Score: 4.9

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: NONE

Reference:

http://bugzilla.mozilla.org/show_bug.cgi?id=257523

http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3

mozilla-shortcut-clipboard-access(17376)

oval:org.mitre.oval:def:9745


30479



423868



250039



909



195882



282