GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab.
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Firefox | Mozilla | * | 2.0.0.12 (including) |
| Seamonkey | Mozilla | * | 1.1.8 (including) |
| Firefox | Ubuntu | dapper | * |
| Firefox | Ubuntu | edgy | * |
| Firefox | Ubuntu | feisty | * |
| Firefox | Ubuntu | gutsy | * |
| Firefox | Ubuntu | hardy | * |
| Firefox | Ubuntu | upstream | * |
| Iceape | Ubuntu | gutsy | * |
| Iceape | Ubuntu | upstream | * |
| Seamonkey | Ubuntu | devel | * |
| Seamonkey | Ubuntu | hardy | * |
| Seamonkey | Ubuntu | intrepid | * |
| Seamonkey | Ubuntu | upstream | * |
| Xulrunner | Ubuntu | devel | * |
| Xulrunner | Ubuntu | edgy | * |
| Xulrunner | Ubuntu | feisty | * |
| Xulrunner | Ubuntu | gutsy | * |
| Xulrunner | Ubuntu | hardy | * |
| Xulrunner | Ubuntu | intrepid | * |
| Red Hat Enterprise Linux 2.1 | RedHat | seamonkey-0:1.0.9-0.14.el2 | * |
| Red Hat Enterprise Linux 3 | RedHat | seamonkey-0:1.0.9-0.16.el3 | * |
| Red Hat Enterprise Linux 4 | RedHat | firefox-0:1.5.0.12-0.14.el4 | * |
| Red Hat Enterprise Linux 4 | RedHat | seamonkey-0:1.0.9-15.el4 | * |
| Red Hat Enterprise Linux 4 | RedHat | thunderbird-0:1.5.0.12-10.el4 | * |
| Red Hat Enterprise Linux 5 | RedHat | firefox-0:1.5.0.12-14.el5_1 | * |
| Red Hat Enterprise Linux 5 | RedHat | thunderbird-0:1.5.0.12-11.el5_1 | * |