Lucene search

[email protected]NVD:CVE-2005-2260

HistoryJul 13, 2005 - 4:00 a.m.

CVE-2005-2260

2005-07-1304:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.3

Confidence

High

EPSS

0.023

Percentile

89.8%

JSON

The browser user interface in Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 does not properly distinguish between user-generated events and untrusted synthetic events, which makes it easier for remote attackers to perform dangerous actions that normally could only be performed manually by the user.

Affected configurations

NVD

Node

mozillafirefoxMatch0.8

mozillafirefoxMatch0.9

mozillafirefoxMatch0.9rc

mozillafirefoxMatch0.9.1

mozillafirefoxMatch0.9.2

mozillafirefoxMatch0.9.3

mozillafirefoxMatch0.10

mozillafirefoxMatch0.10.1

mozillafirefoxMatch1.0

mozillafirefoxMatch1.0.1

mozillafirefoxMatch1.0.2

mozillafirefoxMatch1.0.3

mozillafirefoxMatch1.0.4

mozillamozillaMatch1.3

mozillamozillaMatch1.4

mozillamozillaMatch1.4alpha

mozillamozillaMatch1.4.1

mozillamozillaMatch1.5

mozillamozillaMatch1.5alpha

mozillamozillaMatch1.5rc1

mozillamozillaMatch1.5rc2

mozillamozillaMatch1.5.1

mozillamozillaMatch1.6

mozillamozillaMatch1.6alpha

mozillamozillaMatch1.6beta

mozillamozillaMatch1.7

mozillamozillaMatch1.7alpha

mozillamozillaMatch1.7beta

mozillamozillaMatch1.7rc1

mozillamozillaMatch1.7rc2

mozillamozillaMatch1.7rc3

mozillamozillaMatch1.7.1

mozillamozillaMatch1.7.2

mozillamozillaMatch1.7.3

mozillamozillaMatch1.7.5

mozillamozillaMatch1.7.6

mozillamozillaMatch1.7.7

mozillamozillaMatch1.7.8

References

bugzilla.mozilla.org/show_bug.cgi?id=289940

secunia.com/advisories/16043

secunia.com/advisories/16044

secunia.com/advisories/16059

www.ciac.org/ciac/bulletins/p-252.shtml

www.debian.org/security/2005/dsa-810

www.mozilla.org/security/announce/mfsa2005-45.html

www.networksecurity.fi/advisories/netscape-multiple-issues.html

www.novell.com/linux/security/advisories/2005_18_sr.html

www.novell.com/linux/security/advisories/2005_45_mozilla.html

www.redhat.com/support/errata/RHSA-2005-586.html

www.redhat.com/support/errata/RHSA-2005-587.html

www.securityfocus.com/bid/14242

www.vupen.com/english/advisories/2005/1075

bugzilla.redhat.com/bugzilla/show_bug.cgi?id=160202

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100013

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10132

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1226

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A742

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.3

Confidence

High

EPSS

0.023

Percentile

89.8%

JSON

Related for NVD:CVE-2005-2260

cve1 cvelist1 ubuntucve1 nessus20 debian6 osv3 openvas12 centos3 ubuntu3 redhat2 suse1 freebsd1