Lucene search

K

[email protected]CVE-2005-2706

HistorySep 23, 2005 - 7:03 p.m.

CVE-2005-2706

2005-09-2319:03:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

58

cve-2005-2706

firefox

mozilla

remote code execution

about: page

nvd

6.6 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.954 High

EPSS

Percentile

99.4%

Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote attackers to execute Javascript with chrome privileges via an about: page such as about:mozilla.

CPENameOperatorVersion
mozilla:firefoxmozilla firefoxeq1.0.2
mozilla:firefoxmozilla firefoxle1.0.6
mozilla:mozilla_suitemozilla mozilla suitele1.7.11
mozilla:mozilla_suitemozilla mozilla suiteeq1.7.10
mozilla:firefoxmozilla firefoxeq1.0.4
mozilla:mozilla_suitemozilla mozilla suiteeq1.7.8
mozilla:firefoxmozilla firefoxeq1.0
mozilla:firefoxmozilla firefoxeq1.0.1
mozilla:firefoxmozilla firefoxeq1.0.3
mozilla:mozilla_suitemozilla mozilla suiteeq1.7.7

Rows per page:

1-10 of 121

References

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt

secunia.com/advisories/16911

secunia.com/advisories/16917

secunia.com/advisories/16977

secunia.com/advisories/17014

secunia.com/advisories/17026

secunia.com/advisories/17042

secunia.com/advisories/17090

secunia.com/advisories/17149

secunia.com/advisories/17263

secunia.com/advisories/17284

secunia.com/advisories/19823

securitytracker.com/id?1014954

www.debian.org/security/2005/dsa-838

www.debian.org/security/2005/dsa-866

www.debian.org/security/2005/dsa-868

www.mandriva.com/security/advisories?name=MDKSA-2005:169

www.mandriva.com/security/advisories?name=MDKSA-2005:170

www.mandriva.com/security/advisories?name=MDKSA-2005:174

www.mozilla.org/security/announce/mfsa2005-58.html

www.novell.com/linux/security/advisories/2005_58_mozilla.html

www.novell.com/linux/security/advisories/2006_04_25.html

www.osvdb.org/19648

www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html

www.redhat.com/support/errata/RHSA-2005-785.html

www.redhat.com/support/errata/RHSA-2005-789.html

www.redhat.com/support/errata/RHSA-2005-791.html

www.securityfocus.com/bid/14920

www.securityfocus.com/bid/15495

www.ubuntu.com/usn/usn-200-1

www.vupen.com/english/advisories/2005/1824

exchange.xforce.ibmcloud.com/vulnerabilities/22378

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11317

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1443

6.6 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.954 High

EPSS

Percentile

99.4%

Related for CVE-2005-2706

ubuntucve1 checkpoint_advisories1 cvelist1 openvas10 debian6 freebsd1 nessus25 osv3 suse3 redhat3 centos4 ubuntu1 gentoo1