CVE-2004-0764
First published: Tue Aug 03 2004(Updated: )
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Thunderbird | <=0.7 | |
| Firefox | <=0.9 | |
| Mozilla Firefox | <=1.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://bugzilla.mozilla.org/show_bug.cgi?id=244965
- http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7
- http://www.redhat.com/support/errata/RHSA-2004-421.html
- http://www.novell.com/linux/security/advisories/2004_36_mozilla.html
- http://www.kb.cert.org/vuls/id/262350
- http://www.securityfocus.com/bid/10832
- http://secunia.com/advisories/12188
- http://www.securityfocus.com/bid/15495
- http://marc.info/?l=bugtraq&m=109900315219363&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16837
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9419
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2418
Frequently Asked Questions
What is the severity of CVE-2004-0764?
CVE-2004-0764 is considered a moderate severity vulnerability due to the potential for user interface hijacking.
How do I fix CVE-2004-0764?
To fix CVE-2004-0764, you should update to the latest versions of Mozilla, Firefox, or Thunderbird that are beyond the affected versions.
What versions of software are affected by CVE-2004-0764?
Affected versions include Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7.
Can CVE-2004-0764 be exploited remotely?
Yes, CVE-2004-0764 can be exploited remotely through manipulated web content.
What does the 'chrome' flag in CVE-2004-0764 refer to?
The 'chrome' flag in CVE-2004-0764 allows remote sites to gain access to user interface aspects through XML User Interface Language (XUL) files.
- agent/references
- agent/type
- agent/remedy
- agent/weakness
- agent/author
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/mozilla
- canonical/thunderbird
- version/thunderbird/0.7
- canonical/firefox
- version/firefox/0.9
- canonical/mozilla firefox
- version/mozilla firefox/1.7