Cross-Domain Scripting Vulnerability in Mozilla Firefox and Thunderbird
CVE-2004-0905

Currently unrated

Key Information:

Vendor

Mozilla
Status
Mozilla
Firefox
Linux
Navigator
Vendor
CVE Published:
14 September 2004

What is CVE-2004-0905?

This vulnerability allows remote attackers to perform cross-domain scripting by convincing a user to drag and drop malicious JavaScript links onto a page or frame in a different domain. If successfully executed, it may lead to unauthorized actions and the ability to run arbitrary code within the context of the user's session. This issue primarily affects versions of Mozilla Firefox prior to 1.7.3 and Thunderbird before 0.8, posing a significant security risk for users who engage with untrustworthy web content.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.kb.cert.org/vuls/id/651928
third-party-advisoryx_refsource_CERT-VN
http://www.novell.com/linux/security/advisories/2004_36_m...
vendor-advisoryx_refsource_SUSE
http://bugzilla.mozilla.org/show_bug.cgi?id=250862
x_refsource_CONFIRM

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.