FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2005-1937

This CVE name corresponds to:

Entered Topic
2005-07-16 firefox & mozilla -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2005-1937 at cve.mitre.org

Details

Type Candidate
Name CVE-2005-1937
Phase Assigned(20050613)

Description

A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary Javascript from one page into the frameset of another site, aka the frame injection spoofing vulnerability, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2004-0718.

References

Source Reference
MISC http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/
CONFIRM http://www.mozilla.org/security/announce/mfsa2005-51.html
CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=296850
DEBIAN DSA-777
DEBIAN DSA-810
FEDORA FLSA:160202
REDHAT RHSA-2005:586
REDHAT RHSA-2005:587
SUNALERT 101952
SUSE SUSE-SA:2005:045
SUSE SUSE-SR:2005:018
BID 14242
OVAL oval:org.mitre.oval:def:10633
VUPEN ADV-2005-1075
OVAL oval:org.mitre.oval:def:637
OVAL oval:org.mitre.oval:def:759
OVAL oval:org.mitre.oval:def:100007
SECUNIA 15601

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.