CVE-2005-2267

CVSS v2.0 7.5 (High)

EPSS 64.54 % (98^th)

Affected Products 1

Advisories 4

Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may lead to code execution if the standalone application loads a privileged chrome: URL.

Weaknesses

CWE-NVD-Other

Related CVEs

CVE-2008-2933

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2005-07-13 04:00:00
(19 years ago)
Updated Date: 2017-10-11 01:30:15
(7 years ago)

Affected Products

Mozilla

Firefox

Configuration #1

		CPE23	From	Up To
	Mozilla Firefox 0.8	cpe:2.3:a:mozilla:firefox:0.8
	Mozilla Firefox 0.9	cpe:2.3:a:mozilla:firefox:0.9
	Mozilla Firefox 0.9 Rc	cpe:2.3:a:mozilla:firefox:0.9:rc
	Mozilla Firefox 0.9.1	cpe:2.3:a:mozilla:firefox:0.9.1
	Mozilla Firefox 0.9.2	cpe:2.3:a:mozilla:firefox:0.9.2
	Mozilla Firefox 0.9.3	cpe:2.3:a:mozilla:firefox:0.9.3
	Mozilla Firefox 0.10	cpe:2.3:a:mozilla:firefox:0.10
	Mozilla Firefox 0.10.1	cpe:2.3:a:mozilla:firefox:0.10.1
	Mozilla Firefox 1.0	cpe:2.3:a:mozilla:firefox:1.0
	Mozilla Firefox 1.0.1	cpe:2.3:a:mozilla:firefox:1.0.1
	Mozilla Firefox 1.0.2	cpe:2.3:a:mozilla:firefox:1.0.2
	Mozilla Firefox 1.0.3	cpe:2.3:a:mozilla:firefox:1.0.3
	Mozilla Firefox 1.0.4	cpe:2.3:a:mozilla:firefox:1.0.4