CVE-2004-0759
CVSS6.4
发布时间 :2004-08-18 00:00:00
修订时间 :2016-10-17 22:48:42
NMCOS    

[原文]Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an <input type="file"> tag.


[CNNVD]Mozilla Browser/Firefox未明JavaScript引擎整数溢出漏洞(CNNVD-200408-157)

        
        Mozilla Browser和Firefox都是非常流行的开放源码WEB浏览器。
        Mozilla和Firefox的JavaScript引擎中存在整数溢出漏洞,在有利的条件下,恶意的Web页面可能以运行Mozilla或Firefox用户的权限执行任意代码。
        

- CVSS (基础分值)

CVSS分值: 6.4 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:11153Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an input type="file" tag.
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0759
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0759
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200408-157
(官方数据源) CNNVD

- 其它链接及资源

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
(UNKNOWN)  SCO  SCOSA-2005.49
http://bugzilla.mozilla.org/show_bug.cgi?id=241924
(VENDOR_ADVISORY)  CONFIRM  http://bugzilla.mozilla.org/show_bug.cgi?id=241924
http://marc.info/?l=bugtraq&m=109900315219363&w=2
(UNKNOWN)  FEDORA  FLSA:2089
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7
(UNKNOWN)  CONFIRM  http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7
http://www.novell.com/linux/security/advisories/2004_36_mozilla.html
(UNKNOWN)  SUSE  SUSE-SA:2004:036
http://www.redhat.com/support/errata/RHSA-2004-421.html
(UNKNOWN)  REDHAT  RHSA-2004:421
http://www.securityfocus.com/bid/15495
(UNKNOWN)  BID  15495
http://xforce.iss.net/xforce/xfdb/16870
(UNKNOWN)  XF  mozilla-warning-file-upload(16870)

- 漏洞信息

Mozilla Browser/Firefox未明JavaScript引擎整数溢出漏洞
中危 访问验证错误
2004-08-18 00:00:00 2006-04-07 00:00:00
远程  
        
        Mozilla Browser和Firefox都是非常流行的开放源码WEB浏览器。
        Mozilla和Firefox的JavaScript引擎中存在整数溢出漏洞,在有利的条件下,恶意的Web页面可能以运行Mozilla或Firefox用户的权限执行任意代码。
        

- 公告与补丁

        厂商补丁:
        Mozilla
        -------
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        * Mozilla Upgrade Firefox 1.0.7
        
        http://www.mozilla.org/products/firefox/

        
        * Mozilla Upgrade Mozilla 1.7.12
        
        http://www.mozilla.org/products/mozilla1.x/

- 漏洞信息

8305
Mozilla Browsers Arbitrary File Upload
Remote / Network Access Other
Loss of Confidentiality
Exploit Public

- 漏洞描述

Mozilla contains a flaw that may allow a malicious user to capture or upload a file from a users machine. The issue is triggered when a user loads a malicious web page which uses a specially crafted javascript. It is possible that the flaw may allow an attacker to retrieve files from known locations without the user being notified, resulting in a loss of confidentiality.

- 时间线

2004-08-03 Unknow
2004-08-03 Unknow

- 解决方案

Upgrade to version 1.7 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): disable javascript functionality.

- 相关参考

- 漏洞作者

- 漏洞信息

Mozilla Browser Input Type HTML Tag Unauthorized Access Vulnerability
Access Validation Error 10874
Yes No
2004-08-05 12:00:00 2009-07-12 06:16:00
The individual responsible for the discovery of this issue is currently unknown; this issue was disclosed in the referenced bugzilla report.

- 受影响的程序版本

SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SGI Advanced Linux Environment 3.0
SCO Unixware 7.1.4
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Desktop 1.0
S.u.S.E. Linux 8.1
RedHat Linux 9.0 i386
RedHat Linux 7.3 i686
RedHat Linux 7.3 i386
RedHat Linux 7.3
Red Hat Fedora Core1
Mozilla Browser 1.7 rc3
Mozilla Browser 1.7
Avaya Network Routing
Mozilla Browser 1.7.2
Mozilla Browser 1.7.1

- 不受影响的程序版本

Mozilla Browser 1.7.2
Mozilla Browser 1.7.1

- 漏洞讨论

Mozilla browser is reportedly affected by an input type HTML tag unauthorized access vulnerability. This issue is due to an access validation error that allows access to arbitrary files on an unsuspecting user's system.

This issue will allow an attacker to obtain arbitrary files residing on the computer of an unsuspecting user that activates a malicious script.

- 漏洞利用

No exploit is required to leverage this issue.

- 解决方案

SCO has released an advisory SCOSA-2005.25 including updated packages to address this issue. Please see the referenced advisory for more information.

Avaya has released an advisory that acknowledges this vulnerability for Avaya products. Fixes are not currently available; customers are advised to contact the vendor for further details regarding fix availability. Please see the referenced Avaya advisory at the following location for further details:
http://support.avaya.com/japple/css/japple?temp.groupID=128450&temp.selectedFamily=128451&temp.selectedProduct=154235&temp.selectedBucket=126655&temp.feedbackState=askForFeedback&temp.documentID=198527&PAGE=avaya.css.CSSLvl1Detail&executeTransaction=avaya.css.UsageUpdate()

Red Hat has released advisory RHSA-2004:421-17 and fixes to address this issue on Red Hat Linux Enterprise platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisory for additional information.

The vendor has released an upgrade dealing with this issue.

Slackware has released an advisory (SSA:2004-223-01) to address this issue. Please see the referenced advisory for more information.

SGI has made available Patch 10095, correcting this vulnerability for systems running SGI Advanced Linux Environment 3:

Patch 10095 is available from http://support.sgi.com/ and
ftp://patches.sgi.com/support/free/security/patches/ProPack/3/

The individual RPMs from Patch 10095 are available from:
ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/RPMS
ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/SRPMS

SuSE Linux has released advisory SUSE-SA:2004:036 along with fixes dealing with this issue. Please see the referenced advisory for more information.

Conectiva has released an advisory (CLA-2004:877) to address various issues including this in Mozilla. This advisory contains updated Mozilla packages (1.7.3) for Conectiva Linux 9 and 10. Please see the referenced advisory for more information.

The Fedora Legacy project has released advisory FLSA-2004:2089 along with fixes to address multiple issues in RedHat Fedora Core 1, and RedHat Linux 7.3 and 9.0. Please see the referenced advisory for further information.


Mozilla Browser 1.7

Mozilla Browser 1.7 rc3

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站