Lucene search

K
cve[email protected]CVE-2005-2269
HistoryJul 13, 2005 - 4:00 a.m.

CVE-2005-2269

2005-07-1304:00:00
NVD-CWE-Other
web.nvd.nist.gov
34
firefox
mozilla
netscape
dom
node name
verification
vulnerability
exploit
nvd

6.4 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.104 Low

EPSS

Percentile

94.9%

Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as demonstrated using an XHTML document with IMG tags with custom properties (“XHTML node spoofing”).

References

6.4 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.104 Low

EPSS

Percentile

94.9%

Related for CVE-2005-2269