fkie_cve-2008-0591
Vulnerability from fkie_nvd
Published
2008-02-09 00:00
Modified
2025-04-09 00:30
Severity ?
Summary
Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by using a timer to change the window focus, aka the "dialog refocus bug" or "ffclick2".
References
secalert@redhat.comhttp://archives.neohapsis.com/archives/fulldisclosure/2007-06/0026.html
secalert@redhat.comhttp://browser.netscape.com/releasenotes/
secalert@redhat.comhttp://lcamtuf.coredump.cx/ffclick2/Exploit
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2008-02/msg00006.html
secalert@redhat.comhttp://secunia.com/advisories/28754Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28758Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28766Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28808Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28818Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28839Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28864Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28865Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28877Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28879Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28924Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28939Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28958Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/29049Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/29086Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/29164Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/29167Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/29567
secalert@redhat.comhttp://secunia.com/advisories/30327
secalert@redhat.comhttp://secunia.com/advisories/30620
secalert@redhat.comhttp://securityreason.com/securityalert/2781
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1
secalert@redhat.comhttp://support.novell.com/techcenter/psdb/6251b18e050302ebe7fe74294b55c818.html
secalert@redhat.comhttp://wiki.rpath.com/Advisories:rPSA-2008-0051
secalert@redhat.comhttp://wiki.rpath.com/Advisories:rPSA-2008-0093
secalert@redhat.comhttp://wiki.rpath.com/wiki/Advisories:rPSA-2008-0093
secalert@redhat.comhttp://www.debian.org/security/2008/dsa-1484
secalert@redhat.comhttp://www.debian.org/security/2008/dsa-1485
secalert@redhat.comhttp://www.debian.org/security/2008/dsa-1489
secalert@redhat.comhttp://www.debian.org/security/2008/dsa-1506
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200805-18.xml
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:048
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:062
secalert@redhat.comhttp://www.mozilla.org/security/announce/2008/mfsa2008-08.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0103.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0104.htmlVendor Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0105.htmlVendor Advisory
secalert@redhat.comhttp://www.securityfocus.com/archive/1/470446/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/487826/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/488002/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/488971/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/24293
secalert@redhat.comhttp://www.securityfocus.com/bid/27683
secalert@redhat.comhttp://www.securitytracker.com/id?1019339
secalert@redhat.comhttp://www.ubuntu.com/usn/usn-576-1
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/0453/references
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/0454/references
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/0627/references
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/1793/references
secalert@redhat.comhttps://bugzilla.mozilla.org/show_bug.cgi?id=376473
secalert@redhat.comhttps://issues.rpath.com/browse/RPL-1995
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10900
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-February/msg00274.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-February/msg00309.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-February/msg00381.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-February/msg00905.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-February/msg00946.html
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0026.html
af854a3a-2127-422b-91ae-364da2661108http://browser.netscape.com/releasenotes/
af854a3a-2127-422b-91ae-364da2661108http://lcamtuf.coredump.cx/ffclick2/Exploit
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00006.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28754Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28758Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28766Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28808Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28818Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28839Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28864Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28865Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28877Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28879Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28924Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28939Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28958Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29049Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29086Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29164Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29167Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29567
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30327
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30620
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/2781
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/techcenter/psdb/6251b18e050302ebe7fe74294b55c818.html
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/Advisories:rPSA-2008-0051
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/Advisories:rPSA-2008-0093
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0093
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1484
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1485
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1489
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1506
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:048
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:062
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2008/mfsa2008-08.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0103.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0104.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0105.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/470446/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/487826/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/488002/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/488971/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/24293
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/27683
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1019339
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-576-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0453/references
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0454/references
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0627/references
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1793/references
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=376473
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-1995
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10900
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00274.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00309.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00381.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00905.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00946.html
Impacted products
Vendor Product Version
mozilla firefox *
mozilla thunderbird *



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3E4F934-1CC7-475C-B425-BEEF29AED912",
              "versionEndIncluding": "2.0.0.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25E3F549-B010-49E4-B8F6-B22727D57AA6",
              "versionEndIncluding": "2.0.0.11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by using a timer to change the window focus, aka the \"dialog refocus bug\" or \"ffclick2\"."
    },
    {
      "lang": "es",
      "value": "Mozilla Firefox versiones anteriores a 2.0.0.12 y Thunderbird versiones anteriores a 2.0.0.12, no administra apropiadamente un temporizador de retardo utilizado en los di\u00e1logos de confirmaci\u00f3n, que podr\u00eda permitir a atacantes remotos enga\u00f1ar a los usuarios para que confirmen una acci\u00f3n no segura, como la ejecuci\u00f3n remota de archivos, mediante el uso de un temporizador para cambiar el enfoque de ventana, tambi\u00e9n conocido como el \"dialog refocus bug\" o \"ffclick2\"."
    }
  ],
  "id": "CVE-2008-0591",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-02-09T00:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0026.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://browser.netscape.com/releasenotes/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://lcamtuf.coredump.cx/ffclick2/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00006.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28754"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28758"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28766"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28808"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28818"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28839"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28864"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28865"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28877"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28879"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28924"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28939"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28958"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29049"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29086"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29164"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29167"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/29567"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/30327"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/30620"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securityreason.com/securityalert/2781"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.novell.com/techcenter/psdb/6251b18e050302ebe7fe74294b55c818.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0051"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0093"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0093"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1484"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1485"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1489"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1506"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:048"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:062"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-08.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0103.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0104.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0105.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/470446/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/487826/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/488002/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/488971/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/24293"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/27683"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1019339"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-576-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/0453/references"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/0454/references"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/0627/references"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/1793/references"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=376473"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-1995"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10900"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00274.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00309.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00381.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00905.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00946.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0026.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://browser.netscape.com/releasenotes/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://lcamtuf.coredump.cx/ffclick2/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28754"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28758"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28766"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28808"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28818"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28839"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28864"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28865"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28877"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28879"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28924"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28939"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28958"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29049"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29086"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29164"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29167"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29567"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30620"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/2781"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.novell.com/techcenter/psdb/6251b18e050302ebe7fe74294b55c818.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0093"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0093"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1484"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1485"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1489"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1506"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:048"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-08.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0103.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0104.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0105.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/470446/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/487826/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/488002/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/488971/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/24293"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/27683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019339"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-576-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0453/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0454/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0627/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1793/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=376473"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1995"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10900"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00274.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00309.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00381.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00905.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00946.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.


Loading…

Loading…