CVE-2004-0762

CVE Database · CVE-2004-0762

CVE-2004-0762

· N/AModified

CVSS v3.1

N/A

EPSS

1.98%

Published

Aug 18, 2004

Modified

Apr 15, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box.

Affected Products (3)

mozilla · firefoxvulnerable

mozilla · mozillavulnerable

mozilla · thunderbirdvulnerable

References (20)

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt

http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0264.html

http://bugzilla.mozilla.org/show_bug.cgi?id=162020

PatchVendor Advisory

http://marc.info/?l=bugtraq&m=109900315219363&w=2

http://secunia.com/advisories/11999/

http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7

http://www.novell.com/linux/security/advisories/2004_36_mozilla.html

http://www.redhat.com/support/errata/RHSA-2004-421.html

http://www.securityfocus.com/bid/15495

http://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/

KEV Catalog EPSS Scores Vendors All CVEs