Lucene search

[email protected]NVD:CVE-2005-1160

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-1160

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

High

EPSS

0.005

Percentile

76.1%

JSON

The privileged “chrome” UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object.

Affected configurations

Nvd

Node

mozillafirefoxMatch0.8

mozillafirefoxMatch0.9

mozillafirefoxMatch0.9rc

mozillafirefoxMatch0.9.1

mozillafirefoxMatch0.9.2

mozillafirefoxMatch0.9.3

mozillafirefoxMatch0.10

mozillafirefoxMatch0.10.1

mozillafirefoxMatch1.0

mozillafirefoxMatch1.0.1

mozillafirefoxMatch1.0.2

mozillamozillaMatch1.3

mozillamozillaMatch1.4

mozillamozillaMatch1.4alpha

mozillamozillaMatch1.4.1

mozillamozillaMatch1.5

mozillamozillaMatch1.5alpha

mozillamozillaMatch1.5rc1

mozillamozillaMatch1.5rc2

mozillamozillaMatch1.5.1

mozillamozillaMatch1.6

mozillamozillaMatch1.6alpha

mozillamozillaMatch1.6beta

mozillamozillaMatch1.7

mozillamozillaMatch1.7alpha

mozillamozillaMatch1.7beta

mozillamozillaMatch1.7rc1

mozillamozillaMatch1.7rc2

mozillamozillaMatch1.7rc3

mozillamozillaMatch1.7.1

mozillamozillaMatch1.7.2

mozillamozillaMatch1.7.3

mozillamozillaMatch1.7.5

mozillamozillaMatch1.7.6

References

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt

secunia.com/advisories/14938

secunia.com/advisories/14992

secunia.com/advisories/19823

www.gentoo.org/security/en/glsa/glsa-200504-18.xml

www.mozilla.org/security/announce/mfsa2005-41.html

www.novell.com/linux/security/advisories/2006_04_25.html

www.redhat.com/support/errata/RHSA-2005-383.html

www.redhat.com/support/errata/RHSA-2005-384.html

www.redhat.com/support/errata/RHSA-2005-386.html

www.redhat.com/support/errata/RHSA-2005-601.html

www.securityfocus.com/bid/13233

www.securityfocus.com/bid/15495

bugzilla.mozilla.org/show_bug.cgi?id=289074

bugzilla.mozilla.org/show_bug.cgi?id=289083

bugzilla.mozilla.org/show_bug.cgi?id=289961

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100017

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11291

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

High

EPSS

0.005

Percentile

76.1%

JSON

Related for NVD:CVE-2005-1160

cvelist2 ubuntucve2 cve2 nvd1 openvas5 ubuntu5 nessus22 gentoo1 redhat4 centos5 osv1 debian2 suse3