CVE-2008-0594 — Mozilla Firefox vulnerability

8 documents5 sources

Severity

5.0MEDIUMNVD

EPSS

1.7%

top 17.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox

Timeline

PublishedFeb 9

Latest updateMay 1

Description

Mozilla Firefox before 2.0.0.12 does not always display a web forgery warning dialog if the entire contents of a web page are in a DIV tag that uses absolute positioning, which makes it easier for remote attackers to conduct phishing attacks.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmozilla/firefox2.0.0.11

🔴Vulnerability Details

GHSA

GHSA-7wr6-m3x7-mq75: Mozilla Firefox before 2↗2022-05-01

▶

📋Vendor Advisories

Ubuntu

Firefox vulnerabilities↗2008-02-08

▶

Red Hat

mozilla: web forgery warning may not be displayed↗2008-02-07

▶

💬Community

Bugzilla

CVE-2008-3112 Java Web Start, arbitrary file creation (6703909)↗2008-07-09

▶

Bugzilla

CVE-2008-3114 Java Web Start, untrusted application may determine Cache Location (6704074)↗2008-07-09

▶

Bugzilla

CVE-2008-3109 CVE-2008-3110 Security Vulnerabilities in the Java Runtime Environment Scripting Language Support (6529568, 6529579)↗2008-07-09

▶

Bugzilla

CVE-2008-0594 mozilla: web forgery warning may not be displayed↗2008-02-08

▶