[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250053

 
 

909

 
 

195940

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-0594Date: (C)2008-02-08   (M)2023-12-22


Mozilla Firefox before 2.0.0.12 does not always display a web forgery warning dialog if the entire contents of a web page are in a DIV tag that uses absolute positioning, which makes it easier for remote attackers to conduct phishing attacks.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE
  
Reference:
SECTRACK-1019342
http://www.securityfocus.com/archive/1/487826/100/0/threaded
http://www.securityfocus.com/archive/1/488002/100/0/threaded
SUNALERT-238492
BID-27683
SECUNIA-28864
SECUNIA-28865
SECUNIA-28877
SECUNIA-28879
SECUNIA-28924
SECUNIA-28939
SECUNIA-28958
SECUNIA-29086
SECUNIA-29567
SECUNIA-30327
SECUNIA-30620
ADV-2008-0453
ADV-2008-0627
ADV-2008-1793
DSA-1484
DSA-1485
DSA-1489
DSA-1506
FEDORA-2008-1435
FEDORA-2008-1535
GLSA-200805-18
MDVSA-2008:048
SUSE-SA:2008:008
USN-576-1
http://browser.netscape.com/releasenotes/
http://support.novell.com/techcenter/psdb/6251b18e050302ebe7fe74294b55c818.html
http://wiki.rpath.com/Advisories:rPSA-2008-0051
http://www.mozilla.org/security/announce/2008/mfsa2008-11.html
https://bugzilla.mozilla.org/show_bug.cgi?id=408164

CPE    1
cpe:/a:mozilla:firefox
OVAL    5
oval:org.mitre.oval:def:7909
oval:org.mitre.oval:def:8000
oval:org.secpod.oval:def:301272
oval:org.mitre.oval:def:7914
...

© SecPod Technologies