Red Hat Customer Portal

CVE-2013-0776

Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web script, as demonstrated by a phishing attack on an HTTPS site.

Details Source

Mitre

Public Date

2013-02-19 00:00:00

Impact

Moderate

Bugzilla

CVE-2013-0776 Mozilla: Phishing on HTTPS connection through malicious proxy (MFSA 2013-27)

Bugzilla ID

911844

CVSS Status

verified

Base Score

4.30

Base Metrics

AV:N/AC:M/Au:N/C:P/I:N/A:N

Acknowledgements

Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Michal Zalewski as the original reporter.

External References

http://www.mozilla.org/security/announce/2013/mfsa2013-27.html

Red Hat Security Errata

Platform | Errata | Release Date
Red Hat Enterprise Linux 5 (thunderbird) | RHSA-2013:0272 | 2013-02-19
Red Hat Enterprise Linux 6 (thunderbird) | RHSA-2013:0272 | 2013-02-19
Red Hat Enterprise Linux 6 (firefox) | RHSA-2013:0271 | 2013-02-19
Red Hat Enterprise Linux 5 (firefox) | RHSA-2013:0271 | 2013-02-19
Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server) (thunderbird) | RHSA-2013:0272 | 2013-02-19

Affected Packages State

Platform | Package | State
Red Hat Enterprise Linux version 6 | yelp 2.28.1-17.el6_3 | Fixed
Red Hat Enterprise Linux version 6 | libproxy 0.3.0-4.el6_3 | Fixed
Red Hat Enterprise Linux version 6 | xulrunner 17.0.3-1.el6_3 | Fixed
Red Hat Enterprise Linux version 5 | yelp 2.16.0-30.el5_9 | Fixed
Red Hat Enterprise Linux version 5 | xulrunner 17.0.3-1.el5_9 | Fixed
Red Hat Enterprise Linux version 5 | devhelp 0.12-23.el5_9 | Fixed