CVE-2005-0591 Information

Description

Firefox before 1.0.1 allows remote attackers to spoof the (1) security and (2) download modal dialog boxes which could be used to trick users into executing script or downloading and executing a file aka \Firespoofing.\

Reference

http://marc.info/?l=bugtraq&m=110547286002188&w=2 http://secunia.com/advisories/13786 http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml http://www.mikx.de/firespoofing/ http://www.mikx.de/index.php?p=7 http://www.mozilla.org/security/announce/mfsa2005-16.html http://www.redhat.com/support/errata/RHSA-2005-176.html http://www.redhat.com/support/errata/RHSA-2005-384.html http://www.securityfocus.com/bid/12234 https://bugzilla.mozilla.org/show_bug.cgi?id=260560 https://exchange.xforce.ibmcloud.com/vulnerabilities/18864 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A100042 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10039