Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2005-1937

A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary Javascript from one page into the frameset of another site, aka the frame injection spoofing vulnerability, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2004-0718.

Related bugs and status

CVE-2005-1937 (Candidate) is related to these bugs:

Bug #20648: Various security bugs unfixed in debian stable

Summary				In	Importance	Status
	20648	Various security bugs unfixed in debian stable		mozilla (Ubuntu)	High	Invalid
	20648	Various security bugs unfixed in debian stable		mozilla (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://secunia.com/mul...
CONFIRM: http://www.mozilla.org...
CONFIRM: https://bugzilla.mozil...
DEBIAN: DSA-777
BID: 14242
SECUNIA: 15601
DEBIAN: DSA-810
FEDORA: FLSA:160202
REDHAT: RHSA-2005:586
REDHAT: RHSA-2005:587
SUNALERT: 101952
SUSE: SUSE-SA:2005:045
SUSE: SUSE-SR:2005:018
VUPEN: ADV-2005-1075
OVAL: oval:org.mitre.oval:de...
OVAL: oval:org.mitre.oval:de...
OVAL: oval:org.mitre.oval:de...
OVAL: oval:org.mitre.oval:de...