FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- scripting vulnerabilities

Affected packages
thunderbird < 0.8
de-linux-mozillafirebird < 1.p
el-linux-mozillafirebird < 1.p
firefox < 1.p
ja-linux-mozillafirebird-gtk1 < 1.p
ja-mozillafirebird-gtk2 < 1.p
linux-mozillafirebird < 1.p
ru-linux-mozillafirebird < 1.p
zhCN-linux-mozillafirebird < 1.p
zhTW-linux-mozillafirebird < 1.p
de-netscape7 <= 7.2
fr-netscape7 <= 7.2
ja-netscape7 <= 7.2
netscape7 <= 7.2
pt_BR-netscape7 <= 7.2
linux-mozilla < 1.7.3
linux-mozilla-devel < 1.7.3
mozilla-gtk1 < 1.7.3
mozilla < 1.7.3,2
0 <= de-linux-netscape
0 <= fr-linux-netscape
0 <= ja-linux-netscape
0 <= linux-netscape
0 <= linux-phoenix
0 <= mozilla+ipv6
0 <= mozilla-embedded
0 <= mozilla-firebird
0 <= mozilla-gtk
0 <= mozilla-gtk2
0 <= mozilla-thunderbird
0 <= phoenix

Details

VuXML ID b2e6d1d6-1339-11d9-bc4a-000c41e2cdad
Discovery 2004-09-13
Entry 2004-09-30

Several scripting vulnerabilities were discovered and corrected in Mozilla:

CVE-2004-0905

javascript; links dragged onto another frame or page allows an attacker to steal or modify sensitive information from other sites. The user could be convinced to drag obscurred links in the context of a game or even a fake scrollbar. If the user could be convinced to drag two links in sequence into a separate window (not frame) the attacker would be able to run arbitrary programs.

CVE-2004-0908

Untrusted javascript code can read and write to the clipboard, stealing any sensitive data the user might have copied. Workaround: disable javascript

CVE-2004-0909

Signed scripts requesting enhanced abilities could construct the request in a way that led to a confusing grant dialog, possibly fooling the user into thinking the privilege requested was inconsequential while actually obtaining explicit permission to run and install software. Workaround: Never grant enhanced abilities of any kind to untrusted web pages.

References

CVE Name CVE-2004-0905
CVE Name CVE-2004-0908
CVE Name CVE-2004-0909
URL http://bugzilla.mozilla.org/show_bug.cgi?id=250862
URL http://bugzilla.mozilla.org/show_bug.cgi?id=253942
URL http://bugzilla.mozilla.org/show_bug.cgi?id=257523