FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2005-2260

This CVE name corresponds to:

Entered Topic
2005-07-16 firefox & mozilla -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2005-2260
Phase Assigned(20050713)

Description

The browser user interface in Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 does not properly distinguish between user-generated events and untrusted synthetic events, which makes it easier for remote attackers to perform dangerous actions that normally could only be performed manually by the user.

References

Source Reference
MISC http://www.networksecurity.fi/advisories/netscape-multiple-issues.html
CONFIRM http://www.mozilla.org/security/announce/mfsa2005-45.html
MISC http://bugzilla.mozilla.org/show_bug.cgi?id=289940
DEBIAN DSA-810
FEDORA FLSA:160202
REDHAT RHSA-2005:586
REDHAT RHSA-2005:587
SUSE SUSE-SA:2005:045
SUSE SUSE-SR:2005:018
CIAC P-252
BID 14242
OVAL oval:org.mitre.oval:def:10132
VUPEN ADV-2005-1075
OVAL oval:org.mitre.oval:def:100013
OVAL oval:org.mitre.oval:def:1226
OVAL oval:org.mitre.oval:def:742
SECUNIA 16043
SECUNIA 16044
SECUNIA 16059