CVE-2005-0590 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2005-0590 Interim 1 4 2023-12-09T02:22:49Z current 2021-05-30T12:32:09Z 2023-12-09T02:22:49Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2005-0590 The installation confirmation dialog in Firefox before 1.0.1, Thunderbird before 1.0.1, and Mozilla before 1.7.6 allows remote attackers to use InstallTrigger to spoof the hostname of the host performing the installation via a long "user:pass" sequence in the URL, which appears before the real hostname. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/X3YEJBX7PCPEXDVVJSDPHPYP2KMMKMZW/#X3YEJBX7PCPEXDVVJSDPHPYP2KMMKMZW E-Mail link for SUSE-SA:2006:022 https://www.suse.com/support/security/rating/ SUSE Security Ratings The installation confirmation dialog in Firefox before 1.0.1, Thunderbird before 1.0.1, and Mozilla before 1.7.6 allows remote attackers to use InstallTrigger to spoof the hostname of the host performing the installation via a long "user:pass" sequence in the URL, which appears before the real hostname. CVE-2005-0590 moderate 5 AV:N/AC:L/Au:N/C:N/I:P/A:N