CVE-2005-2268

Publication date 13 July 2005

Last updated 24 July 2024


Ubuntu priority

Firefox before 1.0.5 and Mozilla before 1.7.9 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the “Dialog Origin Spoofing Vulnerability.”

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
mozilla 7.04 feisty Not in release
6.10 edgy
Fixed 1.7.12-1.1ubuntu2
6.06 LTS dapper
Fixed 1.7.12-1.1ubuntu2

References

Related Ubuntu Security Notices (USN)

    • USN-155-1
    • Mozilla vulnerabilities
    • 27 July 2005
    • USN-149-1
    • Firefox vulnerabilities
    • 21 July 2005
    • USN-149-3
    • Ubuntu 4.10 update for Firefox vulnerabilities
    • 28 July 2005

Other references