Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2262

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2005-2262
Last Modified 07 Mar 2011 09:24:00
Published 13 Jul 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-2262

Summary

Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers to execute arbitrary code by tricking the user into using the "Set As Wallpaper" (in Firefox) or "Set as Background" (in Netscape) context menu on an image URL that is really a javascript: URL with an eval statement, aka "Firewalling."

Vulnerable Systems

Application

  • Mozilla Firefox 1.0.3

  • Mozilla Firefox 1.0.4


References

VUPEN - ADV-2005-1075

CONFIRM - http://www.mozilla.org/security/announce/mfsa2005-47.html

MISC - http://www.mikx.de/firewalling/

BID - 14242

MISC - http://www.securiteam.com/securitynews/5ZP0E0UGAK.html

REDHAT - RHSA-2005:586

SUSE - SUSE-SA:2005:045

SUSE - SUSE-SR:2005:018

MISC - http://www.networksecurity.fi/advisories/netscape-multiple-issues.html

CIAC - P-252

SECUNIA - 16044

SECUNIA - 16043


Last Updated: 27 May 2016 10:40:28