CVE-2004-0761 — Mozilla Firefox vulnerability

5 documents5 sources

Severity

5.0MEDIUMNVD

EPSS

1.5%

top 19.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Mozilla Thunderbird

Timeline

PublishedAug 18

Latest updateMay 3

Description

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶NVDmozilla/firefox0.9

▶NVDmozilla/thunderbird0.7

▶NVDmozilla/mozilla1.7

Patches

Patch: bugzilla.mozilla.org ↗Patch: bugzilla.mozilla.org ↗

🔴Vulnerability Details

GHSA

GHSA-v4fj-43xc-9937: Mozilla before 1↗2022-05-03

▶

CVEList

CVE-2004-0761: Mozilla before 1↗2004-08-03

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-07-22

▶

💬Community

Bugzilla

CVE-2004-0761 security flaw↗2018-08-16

▶