正文

Mozilla/Firefox文件下载对话框欺骗漏洞

admin
admin V管理员 /0 评论 /10 阅读
1231
此篇文章发布距今已超过1276天,您需要注意文章的内容或图片是否可用!

漏洞信息详情

Mozilla/Firefox文件下载对话框欺骗漏洞

  • CNNVD编号:CNNVD-200503-135
    • <!--
  • 危害等级: 低危-->
  • 危害等级: 低危
  • CVE编号: CVE-2005-0585
  • 漏洞类型: 设计错误
  • 发布时间: 2005-03-25
  • 威胁类型: 远程
  • 更新时间: 2005-10-20
  • 厂        商: mozilla
  • 漏洞来源: Discovery is credi...

漏洞简介

Firefox 1.0.1之前版本及Mozilla 1.7.6之前版本将长子域或路径切断进行显示,远程恶意网站可能会欺骗合法站点并协助网络钓鱼攻击。

漏洞公告

目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:

RedHat Fedora Core2

Fedora devhelp-0.9.1-0.2.5.i386.rpm

RedHat Fedora Core 2

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

Fedora devhelp-0.9.1-0.2.5.x86_64.rpm

RedHat Fedora Core 2

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

Fedora devhelp-debuginfo-0.9.1-0.2.5.i386.rpm

RedHat Fedora Core 2

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

Fedora devhelp-debuginfo-0.9.1-0.2.5.x86_64.rpm

RedHat Fedora Core 2

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

Fedora devhelp-devel-0.9.1-0.2.5.i386.rpm

RedHat Fedora Core 2

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

Fedora devhelp-devel-0.9.1-0.2.5.x86_64.rpm

RedHat Fedora Core 2

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

Fedora epiphany-1.2.10-0.2.1.i386.rpm

RedHat Fedora Core 2

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

Fedora epiphany-1.2.10-0.2.1.x86_64.rpm

RedHat Fedora Core 2

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

Fedora epiphany-debuginfo-1.2.10-0.2.1.i386.rpm

RedHat Fedora Core 2

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

Fedora epiphany-debuginfo-1.2.10-0.2.1.x86_64.rpm

RedHat Fedora Core 2

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

Mozilla Firefox 1.0

Mozilla firefox-1.0.1-source.tar.bz2

http://ftp.mozilla.org/pub/mozilla.org/firefox/releases/1.0.1/source/f irefox-1.0.1-source.tar.bz2

Mozilla Browser 1.7.3

Fedora mozilla-1.7.6-1.3.2.i386.rpm

RedHat Fedora Core 3

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Fedora mozilla-1.7.6-1.3.2.x86_64.rpm

RedHat Fedora Core 3

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Fedora mozilla-chat-1.7.6-1.3.2.i386.rpm

RedHat Fedora Core 3

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Fedora mozilla-chat-1.7.6-1.3.2.x86_64.rpm

RedHat Fedora Core 3

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Fedora mozilla-debuginfo-1.7.6-1.3.2.i386.rpm

RedHat Fedora Core 3

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Fedora mozilla-debuginfo-1.7.6-1.3.2.x86_64.rpm

RedHat Fedora Core 3

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Fedora mozilla-devel-1.7.6-1.3.2.i386.rpm

RedHat Fedora Core 3

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Fedora mozilla-devel-1.7.6-1.3.2.x86_64.rpm

RedHat Fedora Core 3

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Fedora mozilla-dom-inspector-1.7.6-1.3.2.i386.rpm

RedHat Fedora Core 3

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Fedora mozilla-dom-inspector-1.7.6-1.3.2.x86_64.rpm

RedHat Fedora Core 3

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Fedora mozilla-js-debugger-1.7.6-1.3.2.i386.rpm

RedHat Fedora Core 3

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Fedora mozilla-js-debugger-1.7.6-1.3.2.x86_64.rpm

RedHat Fedora Core 3

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Fedora mozilla-mail-1.7.6-1.3.2.i386.rpm

RedHat Fedora Core 3

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Fedora mozilla-mail-1.7.6-1.3.2.x86_64.rpm

RedHat Fedora Core 3

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Fedora mozilla-nspr-1.7.6-1.3.2.i386.rpm

RedHat Fedora Core 3

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Fedora mozilla-nspr-1.7.6-1.3.2.x86_64.rpm

RedHat Fedora Core 3

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Fedora mozilla-nspr-devel-1.7.6-1.3.2.i386.rpm

RedHat Fedora Core 3

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Fedora mozilla-nspr-devel-1.7.6-1.3.2.x86_64.rpm

RedHat Fedora Core 3

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Fedora mozilla-nss-1.7.6-1.3.2.i386.rpm

RedHat Fedora Core 3

http://downl

参考网址

来源: www.mozilla.org

链接:http://www.mozilla.org/security/announce/mfsa2005-23.html

来源: GENTOO

名称: GLSA-200503-30

链接:http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml

来源: GENTOO

名称: GLSA-200503-10

链接:http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml

来源: MISC

链接:http://secunia.com/secunia_research/2004-15/advisory/

来源: SECUNIA

名称: 13599

链接:http://secunia.com/advisories/13599

来源: REDHAT

名称: RHSA-2005:384

链接:http://www.redhat.com/support/errata/RHSA-2005-384.html

来源: REDHAT

名称: RHSA-2005:176

链接:http://www.redhat.com/support/errata/RHSA-2005-176.html

来源: US Government Resource: oval:org.mitre.oval:def:100035

名称: oval:org.mitre.oval:def:100035

链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:100035

受影响实体

  • Mozilla Firefox:0.8  
    <!--
    2000-1-1
    -->
  • Mozilla Firefox:0.9  
    <!--
    2000-1-1
    -->
  • Mozilla Firefox:0.9:Rc  
    <!--
    2000-1-1
    -->
  • Mozilla Firefox:0.9.1  
    <!--
    2000-1-1
    -->
  • Mozilla Firefox:0.9.2  
    <!--
    2000-1-1
    -->

补丁

    暂无