Lucene search
HistoryJan 29, 2005 - 5:00 a.m.
CVE-2005-0145
firefox
cve-2005-0145
click event
javascript
file download prompt
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
0.465 Medium
EPSS
Percentile
97.5%
Firefox before 1.0 does not properly distinguish between user-generated and synthetic click events, which allows remote attackers to use Javascript to bypass the file download prompt when the user uses the Alt-click feature.
Affected configurations
Node
mozillafirefoxMatch0.8
ORmozillafirefoxMatch0.9
ORmozillafirefoxMatch0.9rc
ORmozillafirefoxMatch0.9.1
ORmozillafirefoxMatch0.9.2
ORmozillafirefoxMatch0.9.3
ORmozillafirefoxMatch0.10
ORmozillafirefoxMatch0.10.1
ORmozillafirefoxMatch1.0
Related
nvd
nvd
CVE-2005-0145
2005-01-24 05:00:00
cvelist
cvelist
CVE-2005-0145
2005-01-29 05:00:00
ubuntucve
ubuntucve
CVE-2005-0145
2005-01-24 00:00:00
nessus
nessus
Firefox < 1.0.0 Multiple Vulnerabilities
2004-11-13 00:00:00
Ubuntu 4.10 : mozilla-firefox vulnerabilities (USN-149-3)
2006-01-15 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-149-3)
2022-08-26 00:00:00
ubuntu
ubuntu
Ubuntu 4.10 update for Firefox vulnerabilities
2005-07-28 00:00:00
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
0.465 Medium
EPSS
Percentile
97.5%
Related for CVE-2005-0145