Vulnerability in Conectiva Linux

CVE-2004-0905

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: li…

EPSS: 0.030 (85.8th percentile) — read the EPSS interpretation.

Affected products

Conectiva Linux — versions 9.0, 10.0
Mozilla Firefox — versions 0.8, 0.9, 0.9.1
Mozilla — versions 1.0, 1.0.1, 1.0.2
Netscape Navigator — versions 7.0, 7.0.2, 7.1
Redhat Enterprise_linux — versions 2.1, 3.0
Redhat Enterprise_linux_desktop — versions 3.0
Redhat Fedora_core — versions core_1.0
Redhat Linux — versions 7.3, 9.0
Redhat Linux_advanced_workstation — versions 2.1
Suse Suse_linux — versions 1.0, 8, 8.1

References

cve@mitre.org (US Government Resource, x_refsource_CERT-VN, Patch, Third Party Advisory, third-party-advisory)
cve@mitre.org (vendor-advisory, Patch, x_refsource_SUSE, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
cve@mitre.org (x_refsource_FEDORA, vendor-advisory)
cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
cve@mitre.org (Exploit, Patch, vdb-entry, x_refsource_BID, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
cve@mitre.org (vendor-advisory, Patch, x_refsource_GENTOO, Vendor Advisory)
cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (US Government Resource, Patch, Third Party Advisory, x_refsource_CERT, third-party-advisory)