CVE-2004-0718

The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
References
Link Resource
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
http://bugzilla.mozilla.org/show_bug.cgi?id=246448
http://marc.info/?l=bugtraq&m=109900315219363&w=2
http://secunia.com/advisories/11978 Vendor Advisory
http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/ Vendor Advisory
http://www.debian.org/security/2005/dsa-777
http://www.debian.org/security/2005/dsa-810
http://www.mandriva.com/security/advisories?name=MDKSA-2004:082
http://www.novell.com/linux/security/advisories/2004_36_mozilla.html
http://www.redhat.com/support/errata/RHSA-2004-421.html
http://www.securityfocus.com/bid/15495
https://exchange.xforce.ibmcloud.com/vulnerabilities/1598
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4756
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9997
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
http://bugzilla.mozilla.org/show_bug.cgi?id=246448
http://marc.info/?l=bugtraq&m=109900315219363&w=2
http://secunia.com/advisories/11978 Vendor Advisory
http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/ Vendor Advisory
http://www.debian.org/security/2005/dsa-777
http://www.debian.org/security/2005/dsa-810
http://www.mandriva.com/security/advisories?name=MDKSA-2004:082
http://www.novell.com/linux/security/advisories/2004_36_mozilla.html
http://www.redhat.com/support/errata/RHSA-2004-421.html
http://www.securityfocus.com/bid/15495
https://exchange.xforce.ibmcloud.com/vulnerabilities/1598
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4756
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9997
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:firebirdsql:firebird:0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.6:*:*:*:*:*:*:*
cpe:2.3:a:netscape:navigator:7.1:*:*:*:*:*:*:*

History

20 Nov 2024, 23:49

Type Values Removed Values Added
References () ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt - () ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt -
References () http://bugzilla.mozilla.org/show_bug.cgi?id=246448 - () http://bugzilla.mozilla.org/show_bug.cgi?id=246448 -
References () http://marc.info/?l=bugtraq&m=109900315219363&w=2 - () http://marc.info/?l=bugtraq&m=109900315219363&w=2 -
References () http://secunia.com/advisories/11978 - Vendor Advisory () http://secunia.com/advisories/11978 - Vendor Advisory
References () http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/ - Vendor Advisory () http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/ - Vendor Advisory
References () http://www.debian.org/security/2005/dsa-777 - () http://www.debian.org/security/2005/dsa-777 -
References () http://www.debian.org/security/2005/dsa-810 - () http://www.debian.org/security/2005/dsa-810 -
References () http://www.mandriva.com/security/advisories?name=MDKSA-2004:082 - () http://www.mandriva.com/security/advisories?name=MDKSA-2004:082 -
References () http://www.novell.com/linux/security/advisories/2004_36_mozilla.html - () http://www.novell.com/linux/security/advisories/2004_36_mozilla.html -
References () http://www.redhat.com/support/errata/RHSA-2004-421.html - () http://www.redhat.com/support/errata/RHSA-2004-421.html -
References () http://www.securityfocus.com/bid/15495 - () http://www.securityfocus.com/bid/15495 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/1598 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/1598 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4756 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4756 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9997 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9997 -

Information

Published : 2004-07-27 04:00

Updated : 2024-11-20 23:49


NVD link : CVE-2004-0718

Mitre link : CVE-2004-0718

CVE.ORG link : CVE-2004-0718


JSON object : View

Products Affected

firebirdsql

  • firebird

mozilla

  • mozilla

netscape

  • navigator