7.5

CVE-2005-1159

EPSS 3.69%
Published 02.05.2005 04:00:00
Last modified 03.04.2025 01:03:51
Source secalert@redhat.com
Teams watchlist Login
Open Login

The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the wrong memory address, which may allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code by passing objects of the wrong type.

Affected products Warnungen 0 Metrics 2 CWE 0 References 22

Data is provided by the National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version0.8

Mozilla ≫ Firefox Version0.9

Mozilla ≫ Firefox Version0.9 Updaterc

Mozilla ≫ Firefox Version0.9.1

Mozilla ≫ Firefox Version0.9.2

Mozilla ≫ Firefox Version0.9.3

Mozilla ≫ Firefox Version0.10

Mozilla ≫ Firefox Version0.10.1

Mozilla ≫ Firefox Version1.0

Mozilla ≫ Firefox Version1.0.1

Mozilla ≫ Firefox Version1.0.2

Mozilla ≫ Mozilla Version1.3

Mozilla ≫ Mozilla Version1.4

Mozilla ≫ Mozilla Version1.4 Updatealpha

Mozilla ≫ Mozilla Version1.4.1

Mozilla ≫ Mozilla Version1.5

Mozilla ≫ Mozilla Version1.5 Updatealpha

Mozilla ≫ Mozilla Version1.5 Updaterc1

Mozilla ≫ Mozilla Version1.5 Updaterc2

Mozilla ≫ Mozilla Version1.5.1

Mozilla ≫ Mozilla Version1.6

Mozilla ≫ Mozilla Version1.6 Updatealpha

Mozilla ≫ Mozilla Version1.6 Updatebeta

Mozilla ≫ Mozilla Version1.7

Mozilla ≫ Mozilla Version1.7 Updatealpha

Mozilla ≫ Mozilla Version1.7 Updatebeta

Mozilla ≫ Mozilla Version1.7 Updaterc1

Mozilla ≫ Mozilla Version1.7 Updaterc2

Mozilla ≫ Mozilla Version1.7 Updaterc3

Mozilla ≫ Mozilla Version1.7.1

Mozilla ≫ Mozilla Version1.7.2

Mozilla ≫ Mozilla Version1.7.3

Mozilla ≫ Mozilla Version1.7.5

Mozilla ≫ Mozilla Version1.7.6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	3.69%	0.868

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt

http://www.securityfocus.com/bid/15495

http://secunia.com/advisories/19823

http://www.novell.com/linux/security/advisories/2006_04_25.html

http://www.redhat.com/support/errata/RHSA-2005-384.html

http://secunia.com/advisories/14938

Patch

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-383.html

Patch

Vendor Advisory

http://www.gentoo.org/security/en/glsa/glsa-200504-18.xml

Patch

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-386.html

Patch

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-601.html

http://secunia.com/advisories/14992

Patch

Vendor Advisory

http://securitytracker.com/id?1013742

Patch

http://securitytracker.com/id?1013743

Patch

http://www.mozilla.org/security/announce/mfsa2005-40.html

Vendor Advisory

http://www.securityfocus.com/bid/13232

Patch

https://bugzilla.mozilla.org/show_bug.cgi?id=290162

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/20123

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100018

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10629

https://nvd.nist.gov/vuln/detail/CVE-2005-1159

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-1159

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-1159

EUVD