Intrusion Prevention

Mozilla.onunload.SSL.Certificate.Spoofing

Description

A certificate spoofing vulnerability has been identified in products based on the Mozilla Gecko web browser engine, affecting how they display the security settings of a web page. Using the unload event, an attacker can cause the browser to load a valid certificate from a trusted web site and show the "secure padlock" icon, while the displayed content actually comes from a malicious web site.

Affected Products

Mozilla Thunderbird 0.7.2
Mozilla Thunderbird 0.7.1
Mozilla Thunderbird 0.7
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9 rc
Mozilla Firefox 0.9
Mozilla Firefox 0.8
Mozilla Browser 1.7.1
Mozilla Browser 1.7 rc3
Mozilla Browser 1.7
Mozilla Browser 1.6
Mozilla Browser 1.5
Mozilla Browser 1.4.2
Mozilla Browser 1.4.1
Mozilla Browser 1.4 b
Mozilla Browser 1.4 a
Mozilla Browser 1.4
Mozilla Browser 1.3.1
Mozilla Browser 1.3
Mozilla Browser 1.2.1
Mozilla Browser 1.2 Beta
Mozilla Browser 1.2 Alpha
Mozilla Browser 1.2
Mozilla Browser 1.1 Beta
Mozilla Browser 1.1 Alpha
Mozilla Browser 1.1
Mozilla Browser 1.0.2
Mozilla Browser 1.0.1
Mozilla Browser 1.0 RC2
Mozilla Browser 1.0 RC1
Mozilla Browser 1.0
Mozilla Browser 0.9.48
Mozilla Browser 0.9.35
Mozilla Browser 0.9.9
Mozilla Browser 0.9.8
Mozilla Browser 0.9.7
Mozilla Browser 0.9.6
Mozilla Browser 0.9.5
Mozilla Browser 0.9.4.1
Mozilla Browser 0.9.4
Mozilla Browser 0.9.3
Mozilla Browser 0.9.2.1
Mozilla Browser 0.9.2
Mozilla Browser 0.8

Impact

Certificate spoofing.

CVE References

CVE-2004-0763