Lucene search

RedhatCVE-2005-2270

HistoryJul 13, 2005 - 4:00 a.m.

CVE-2005-2270

2005-07-1304:00:00

redhat

web.nvd.nist.gov

cve-2005-2270

firefox

mozilla

remote code execution

security vulnerability

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

High

EPSS

0.089

Percentile

94.6%

JSON

Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone base objects, which allows remote attackers to execute arbitrary code by navigating the prototype chain to reach a privileged object.

Affected configurations

Nvd

Node

mozillafirefoxMatch0.8

mozillafirefoxMatch0.9

mozillafirefoxMatch0.9rc

mozillafirefoxMatch0.9.1

mozillafirefoxMatch0.9.2

mozillafirefoxMatch0.9.3

mozillafirefoxMatch0.10

mozillafirefoxMatch0.10.1

mozillafirefoxMatch1.0

mozillafirefoxMatch1.0.1

mozillafirefoxMatch1.0.2

mozillafirefoxMatch1.0.3

mozillafirefoxMatch1.0.4

mozillamozillaMatch1.3

mozillamozillaMatch1.4

mozillamozillaMatch1.4alpha

mozillamozillaMatch1.4.1

mozillamozillaMatch1.5

mozillamozillaMatch1.5alpha

mozillamozillaMatch1.5rc1

mozillamozillaMatch1.5rc2

mozillamozillaMatch1.5.1

mozillamozillaMatch1.6

mozillamozillaMatch1.6alpha

mozillamozillaMatch1.6beta

mozillamozillaMatch1.7

mozillamozillaMatch1.7alpha

mozillamozillaMatch1.7beta

mozillamozillaMatch1.7rc1

mozillamozillaMatch1.7rc2

mozillamozillaMatch1.7rc3

mozillamozillaMatch1.7.1

mozillamozillaMatch1.7.2

mozillamozillaMatch1.7.3

mozillamozillaMatch1.7.5

mozillamozillaMatch1.7.6

mozillamozillaMatch1.7.7

mozillamozillaMatch1.7.8

VendorProductVersionCPE
mozillamozilla1.7cpe:/a:mozilla:mozilla:1.7:beta::
mozillamozilla1.7.5cpe:/a:mozilla:mozilla:1.7.5:::
mozillafirefox0.8cpe:/a:mozilla:firefox:0.8:::
mozillamozilla1.7cpe:/a:mozilla:mozilla:1.7:alpha::
mozillafirefox1.0.2cpe:/a:mozilla:firefox:1.0.2:::
mozillamozilla1.4cpe:/a:mozilla:mozilla:1.4:alpha::
mozillamozilla1.7.1cpe:/a:mozilla:mozilla:1.7.1:::
mozillamozilla1.5.1cpe:/a:mozilla:mozilla:1.5.1:::
mozillamozilla1.4cpe:/a:mozilla:mozilla:1.4:::
mozillamozilla1.7.8cpe:/a:mozilla:mozilla:1.7.8:::

Vendor	Product	Version	CPE
mozilla	mozilla	1.7	cpe:/a:mozilla:mozilla:1.7:beta::
mozilla	mozilla	1.7.5	cpe:/a:mozilla:mozilla:1.7.5:::
mozilla	firefox	0.8	cpe:/a:mozilla:firefox:0.8:::
mozilla	mozilla	1.7	cpe:/a:mozilla:mozilla:1.7:alpha::
mozilla	firefox	1.0.2	cpe:/a:mozilla:firefox:1.0.2:::
mozilla	mozilla	1.4	cpe:/a:mozilla:mozilla:1.4:alpha::
mozilla	mozilla	1.7.1	cpe:/a:mozilla:mozilla:1.7.1:::
mozilla	mozilla	1.5.1	cpe:/a:mozilla:mozilla:1.5.1:::
mozilla	mozilla	1.4	cpe:/a:mozilla:mozilla:1.4:::
mozilla	mozilla	1.7.8	cpe:/a:mozilla:mozilla:1.7.8:::