Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2005-1155
HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-1155

2005-05-0204:00:00
CWE-94
[email protected]
web.nvd.nist.gov
8

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

High

EPSS

0.923

Percentile

99.0%

JSON

The favicon functionality in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary code via a <LINK rel=“icon”> tag with a javascript: URL in the href attribute, aka “Firelinking.”

Affected configurations

Nvd
Node
mozillafirefoxMatch0.8
OR
mozillafirefoxMatch0.9
OR
mozillafirefoxMatch0.9rc
OR
mozillafirefoxMatch0.9.1
OR
mozillafirefoxMatch0.9.2
OR
mozillafirefoxMatch0.9.3
OR
mozillafirefoxMatch0.10
OR
mozillafirefoxMatch0.10.1
OR
mozillafirefoxMatch1.0
OR
mozillafirefoxMatch1.0.1
OR
mozillafirefoxMatch1.0.2
OR
mozillamozillaMatch1.3
OR
mozillamozillaMatch1.4
OR
mozillamozillaMatch1.4alpha
OR
mozillamozillaMatch1.4.1
OR
mozillamozillaMatch1.5
OR
mozillamozillaMatch1.5alpha
OR
mozillamozillaMatch1.5rc1
OR
mozillamozillaMatch1.5rc2
OR
mozillamozillaMatch1.5.1
OR
mozillamozillaMatch1.6
OR
mozillamozillaMatch1.6alpha
OR
mozillamozillaMatch1.6beta
OR
mozillamozillaMatch1.7
OR
mozillamozillaMatch1.7alpha
OR
mozillamozillaMatch1.7beta
OR
mozillamozillaMatch1.7rc1
OR
mozillamozillaMatch1.7rc2
OR
mozillamozillaMatch1.7rc3
OR
mozillamozillaMatch1.7.1
OR
mozillamozillaMatch1.7.2
OR
mozillamozillaMatch1.7.3
OR
mozillamozillaMatch1.7.5
OR
mozillamozillaMatch1.7.6
VendorProductVersionCPE
mozillafirefox0.8cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*
mozillafirefox0.9cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*
mozillafirefox0.9cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
mozillafirefox0.9.1cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
mozillafirefox0.9.2cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
mozillafirefox0.9.3cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
mozillafirefox0.10cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*
mozillafirefox0.10.1cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
mozillafirefox1.0cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
mozillafirefox1.0.1cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
Rows per page:
1-10 of 341

Related

checkpoint_advisories 1
cve 1
cvelist 1
ubuntucve 1
cert 1
gentoo 1
nessus 13
redhat 3
centos 4
ubuntu 2
openvas 2
suse 1
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox Link Tag Code Execution - Ver2 (CVE-2005-1155)
2014-03-03 00:00:00
cve
cve
CVE-2005-1155
2005-05-02 04:00:00
cvelist
cvelist
CVE-2005-1155
2005-04-18 04:00:00
ubuntucve
ubuntucve
CVE-2005-1155
2005-05-02 00:00:00
cert
cert
Mozilla may execute JavaScript with elevated privileges when defined in site icon tag
2005-04-19 00:00:00
gentoo
gentoo
Mozilla Firefox, Mozilla Suite: Multiple vulnerabilities
2005-04-19 00:00:00
nessus
nessus
GLSA-200504-18 : Mozilla Firefox, Mozilla Suite: Multiple vulnerabilities
2005-04-19 00:00:00
CentOS 4 : mozilla (CESA-2005:386)
2006-07-05 00:00:00
RHEL 4 : Mozilla (RHSA-2005:386)
2005-04-27 00:00:00
redhat
redhat
(RHSA-2005:386) Mozilla security update
2005-04-26 00:00:00
(RHSA-2005:383) firefox security update
2005-04-21 00:00:00
(RHSA-2005:384) Mozilla security update
2005-04-28 00:00:00
centos
centos
mozilla security update
2005-04-26 19:07:32
firefox security update
2005-04-21 11:02:39
mozilla security update
2005-04-29 03:28:26
ubuntu
ubuntu
Mozilla and Firefox vulnerabilities
2005-05-11 00:00:00
Ubuntu 4.10 update for Firefox vulnerabilities
2005-07-28 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-124-1)
2022-08-26 00:00:00
Ubuntu: Security Advisory (USN-149-3)
2022-08-26 00:00:00
suse
suse
remote code execution in Mozilla. Mozilla Firefox
2005-04-27 14:48:46

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

High

EPSS

0.923

Percentile

99.0%

JSON
Related for NVD:CVE-2005-1155
checkpoint_advisories1cve1cvelist1ubuntucve1cert1gentoo1nessus13redhat3centos4ubuntu2openvas2suse1