← voltar
CVE-2005-0401

CVE-2005-0401

EPSS 3.3%
FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-2005-0527, aka "Firescrolling 2."
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://marc.info/?l=bugtraq&m=111168413007891&w=2http://mikx.de/firescrolling2/http://secunia.com/advisories/14654https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100026https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9650http://www.gentoo.org/security/en/glsa/glsa-200503-30.xmlhttp://www.mozilla.org/security/announce/mfsa2005-32.htmlhttp://www.redhat.com/support/errata/RHSA-2005-335.htmlhttp://www.redhat.com/support/errata/RHSA-2005-336.htmlhttp://www.redhat.com/support/errata/RHSA-2005-384.htmlhttp://www.securityfocus.com/bid/12885http://www.vupen.com/english/advisories/2005/0296