CVE-2004-0908 — Mozilla vulnerability

5 documents5 sources

Severity

4.0MEDIUMNVD

EPSS

4.6%

top 10.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Mozilla Thunderbird

Timeline

PublishedDec 31

Latest updateApr 29

Description

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins.

CVSS vector

AV:N/AC:H/C:P/I:P/A:NExploitability: 4.9 | Impact: 4.9

Affected Packages2 packages

▶NVDmozilla/thunderbird9 versions+8

▶NVDmozilla/mozilla31 versions+30

Patches

Patch: bugzilla.mozilla.org ↗Patch: www.novell.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-8c73-9gh8-7c8v: Mozilla Firefox before the Preview Release, Mozilla before 1↗2022-04-29

▶

CVEList

CVE-2004-0908: Mozilla Firefox before the Preview Release, Mozilla before 1↗2004-09-24

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-08-31

▶

💬Community

Bugzilla

CVE-2004-0908 security flaw↗2018-08-16

▶