CVE-2004-0908

high

Description

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9745

https://exchange.xforce.ibmcloud.com/vulnerabilities/17376

http://www.novell.com/linux/security/advisories/2004_36_mozilla.html

http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3

http://www.kb.cert.org/vuls/id/460528

http://security.gentoo.org/glsa/glsa-200409-26.xml

http://secunia.com/advisories/12526

http://marc.info/?l=bugtraq&m=109900315219363&w=2

http://marc.info/?l=bugtraq&m=109698896104418&w=2

Details

Source: Mitre, NVD

Published: 2004-12-31

Updated: 2017-10-11

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 8.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Severity: High