Mozilla Security Vulnerabilities and Issues — Mozilla CVE List

Lucene search

MozillaMozilla

5 matches found

CVE•added 2005/03/04 5:0 a.m.•63 views

CVE-2005-0593

Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote attackers to spoof the SSL "secure site" lock icon via (1) a web site that does not finish loading, which shows the lock of the previous site, (2) a non-HTTP server that uses SSL, which causes the lock to be displayed when the SSL handshak...

2.6CVSS6.2AI score0.01252EPSS

CVE•added 2005/03/25 5:0 a.m.•61 views

CVE-2005-0587

Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file.

6.5CVSS6.3AI score0.01084EPSS

CVE•added 2005/03/25 5:0 a.m.•60 views

CVE-2005-0592

Heap-based buffer overflow in the UTF8ToNewUnicode function for Firefox before 1.0.1 and Mozilla before 1.7.6 might allow remote attackers to cause a denial of service (crash) or execute arbitrary code via invalid sequences in a UTF8 encoded string that result in a zero length value.

7.5CVSS7AI score0.03411EPSS

CVE•added 2005/03/23 5:0 a.m.•59 views

CVE-2005-0143

Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a binary file from a trusted site, which could facilitate phishing attacks.

2.6CVSS6.2AI score0.00774EPSS

CVE•added 2005/03/25 5:0 a.m.•54 views

CVE-2005-0585

Firefox before 1.0.1 and Mozilla before 1.7.6 truncates long sub-domains or paths for display, which may allow remote malicious web sites to spoof legitimate sites and facilitate phishing attacks.

2.6CVSS6.2AI score0.01346EPSS