CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
94.8%
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not
properly verify the associated types of DOM node names within the context
of their namespaces, which allows remote attackers to modify certain tag
properties, possibly leading to execution of arbitrary script or code, as
demonstrated using an XHTML document with IMG tags with custom properties
(“XHTML node spoofing”).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | mozilla | < 1.7.12-1.1ubuntu2 | UNKNOWN |
ubuntu | 6.10 | noarch | mozilla | < 1.7.12-1.1ubuntu2 | UNKNOWN |
ubuntu | 6.06 | noarch | mozilla-thunderbird | < 1.5.0.13-0ubuntu0.6.06 | UNKNOWN |
ubuntu | 6.10 | noarch | mozilla-thunderbird | < 1.5.0.13-0ubuntu0.6.10 | UNKNOWN |
ubuntu | 7.04 | noarch | mozilla-thunderbird | < 1.5.0.13-0ubuntu0.7.04 | UNKNOWN |
launchpad.net/bugs/cve/CVE-2005-2269
nvd.nist.gov/vuln/detail/CVE-2005-2269
security-tracker.debian.org/tracker/CVE-2005-2269
ubuntu.com/security/notices/USN-149-1
ubuntu.com/security/notices/USN-149-3
ubuntu.com/security/notices/USN-155-1
ubuntu.com/security/notices/USN-157-1
www.cve.org/CVERecord?id=CVE-2005-2269