Info

Disclosure

Mar 23, 2005

Discovery

Unknown

Dates

Exploit

Jun 09, 2006

Solution

Mar 23, 2005

Description

Classification

Location: Local / Remote, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Commercial
Disclosure: Vendor Verified
OSVDB: Web Related

Solution

Upgrade to version 1.0.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Unknown or Incomplete

References

Security Tracker: 1013517 1013518 1013519
SCIP VulDB ID: 1298
Secunia Advisory ID: 14654 14684 14685 14699 14706 14709 14714 14735 14736 14737 15103 15432 17645 19823
ISS X-Force ID: 19269
CVE ID: 2005-0399 (see also: NVD)
CERT VU: 557948
Vendor Specific Advisory URL: ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4.htm ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01133
http://www.mozilla.org/security/announce/mfsa2005-30.html
http://www.novell.com/linux/security/advisories/2006_04_25.html
Other Advisory URL: ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.25/SCOSA-2005.25.txt http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.000123
http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml
http://www.gentoo.org/security/en/glsa/glsa-200503-31.xml
http://www.gentoo.org/security/en/glsa/glsa-200503-32.xml
http://xforce.iss.net/xforce/alerts/id/191
Generic Exploit URL: http://www.saintcorporation.com/cgi-bin/exploit_info/firefox_gif
Vendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=285595
CIAC Advisory: p-160
RedHat RHSA: RHSA-2005:323 RHSA-2005:337
Keyword: SCOSA-2005.49

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/14937