Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2008-0591

Опубликовано: 09 фев. 2008
Источник: ubuntu
Приоритет: low
CVSS2: 4.3

Описание

Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by using a timer to change the window focus, aka the "dialog refocus bug" or "ffclick2".

РелизСтатусПримечание
dapper

released

1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1
devel

DNE

edgy

released

2.0.0.12+0nobinonly+2-0ubuntu0.6.10
feisty

released

2.0.0.12+1nobinonly+2-0ubuntu0.7.4
gutsy

released

2.0.0.12+2nobinonly+2-0ubuntu0.7.10
hardy

released

2.0.0.12+2nobinonly+2-0ubuntu3
intrepid

DNE

upstream

released

2.0.0.12

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

edgy

DNE

feisty

DNE

gutsy

ignored

end of life, was needs-triage
hardy

DNE

intrepid

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

edgy

DNE

feisty

DNE

gutsy

DNE

hardy

DNE

intrepid

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

edgy

DNE

feisty

DNE

gutsy

DNE

hardy

DNE

intrepid

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

released

1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0
devel

DNE

edgy

released

1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0
feisty

released

1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0
gutsy

DNE

hardy

DNE

intrepid

DNE

upstream

released

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.1.9+nobinonly-0ubuntu1
edgy

DNE

feisty

DNE

gutsy

DNE

hardy

released

1.1.9+nobinonly-0ubuntu1
intrepid

released

1.1.9+nobinonly-0ubuntu1
upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

2.0.0.12+nobinonly-0ubuntu1
edgy

DNE

feisty

DNE

gutsy

released

2.0.0.12+nobinonly-0ubuntu0.7.10.0
hardy

released

2.0.0.12+nobinonly-0ubuntu1
intrepid

released

2.0.0.12+nobinonly-0ubuntu1
upstream

released

2.0.0.12

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.8.1.13+nobinonly-0ubuntu1
edgy

ignored

end of life, was needs-triage
feisty

ignored

end of life, was needs-triage
gutsy

released

1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.7.10.1
hardy

released

1.8.1.13+nobinonly-0ubuntu1
intrepid

released

1.8.1.13+nobinonly-0ubuntu1
upstream

released

1.8.1.13

Показывать по

4.3 Medium

CVSS2

Связанные уязвимости

redhat
больше 17 лет назад

Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by using a timer to change the window focus, aka the "dialog refocus bug" or "ffclick2".

nvd
больше 17 лет назад

Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by using a timer to change the window focus, aka the "dialog refocus bug" or "ffclick2".

debian
больше 17 лет назад

Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does n ...

github
около 3 лет назад

Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by using a timer to change the window focus, aka the "dialog refocus bug" or "ffclick2".

oracle-oval
больше 17 лет назад

ELSA-2008-0103: Critical: firefox security update (CRITICAL)

4.3 Medium

CVSS2