CVE-2004-0908

Sažetak

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins.

Reference

http://bugzilla.mozilla.org/show_bug.cgi?id=257523
http://marc.info/?l=bugtraq&m=109698896104418&w=2
http://marc.info/?l=bugtraq&m=109900315219363&w=2
http://secunia.com/advisories/12526
http://security.gentoo.org/glsa/glsa-200409-26.xml
http://www.kb.cert.org/vuls/id/460528
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3
http://www.novell.com/linux/security/advisories/2004_36_mozilla.html
http://www.securityfocus.com/bid/11179
https://exchange.xforce.ibmcloud.com/vulnerabilities/17376
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9745

CVSS

Base:	4.0
Impact:	4.9
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:N/AC:H/Au:N/C:P/I:P/A:N

Zadnje važnije ažuriranje

11-10-2017 - 01:29

Objavljeno

31-12-2004 - 05:00