ID CVE-2004-0763
Summary Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method.
References
Vulnerable Configurations
  • cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 11-10-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:P/A:N
oval via4
  • accepted 2005-03-09T07:56:00.000-04:00
    class vulnerability
    contributors
    name Brian Soby
    organization The MITRE Corporation
    description Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method.
    family unix
    id oval:org.mitre.oval:def:3989
    status accepted
    submitted 2005-01-19T12:00:00.000-04:00
    title Mozilla Firefox Certificate Spoofing Vulnerability
    version 35
  • accepted 2013-04-29T04:19:24.012-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    description Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method.
    family unix
    id oval:org.mitre.oval:def:9436
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method.
    version 29
redhat via4
advisories
rhsa
id RHSA-2004:421
refmap via4
bid 15495
bugtraq 20040726 Mozilla Firefox Certificate Spoofing
confirm
fedora FLSA:2089
fulldisc 20040725 Mozilla Firefox Certificate Spoofing
gentoo GLSA-200408-22
misc http://www.cipher.org.uk/index.php?p=advisories/Certificate_Spoofing_Mozilla_FireFox_25-07-2004.advisory
sco SCOSA-2005.49
secunia 12160
suse SUSE-SA:2004:036
xf mozilla-ssl-certificate-spoofing(16796)
Last major update 11-10-2017 - 01:29
Published 18-08-2004 - 04:00
Last modified 11-10-2017 - 01:29
Back to Top