7.5

CVE-2005-1159

EPSS 3.69%
Veröffentlicht 02.05.2005 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the wrong memory address, which may allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code by passing objects of the wrong type.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 22

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version0.8

Mozilla ≫ Firefox Version0.9

Mozilla ≫ Firefox Version0.9 Updaterc

Mozilla ≫ Firefox Version0.9.1

Mozilla ≫ Firefox Version0.9.2

Mozilla ≫ Firefox Version0.9.3

Mozilla ≫ Firefox Version0.10

Mozilla ≫ Firefox Version0.10.1

Mozilla ≫ Firefox Version1.0

Mozilla ≫ Firefox Version1.0.1

Mozilla ≫ Firefox Version1.0.2

Mozilla ≫ Mozilla Version1.3

Mozilla ≫ Mozilla Version1.4

Mozilla ≫ Mozilla Version1.4 Updatealpha

Mozilla ≫ Mozilla Version1.4.1

Mozilla ≫ Mozilla Version1.5

Mozilla ≫ Mozilla Version1.5 Updatealpha

Mozilla ≫ Mozilla Version1.5 Updaterc1

Mozilla ≫ Mozilla Version1.5 Updaterc2

Mozilla ≫ Mozilla Version1.5.1

Mozilla ≫ Mozilla Version1.6

Mozilla ≫ Mozilla Version1.6 Updatealpha

Mozilla ≫ Mozilla Version1.6 Updatebeta

Mozilla ≫ Mozilla Version1.7

Mozilla ≫ Mozilla Version1.7 Updatealpha

Mozilla ≫ Mozilla Version1.7 Updatebeta

Mozilla ≫ Mozilla Version1.7 Updaterc1

Mozilla ≫ Mozilla Version1.7 Updaterc2

Mozilla ≫ Mozilla Version1.7 Updaterc3

Mozilla ≫ Mozilla Version1.7.1

Mozilla ≫ Mozilla Version1.7.2

Mozilla ≫ Mozilla Version1.7.3

Mozilla ≫ Mozilla Version1.7.5

Mozilla ≫ Mozilla Version1.7.6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	3.69%	0.868

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt

http://www.securityfocus.com/bid/15495

http://secunia.com/advisories/19823

http://www.novell.com/linux/security/advisories/2006_04_25.html

http://www.redhat.com/support/errata/RHSA-2005-384.html

http://secunia.com/advisories/14938

Patch

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-383.html

Patch

Vendor Advisory

http://www.gentoo.org/security/en/glsa/glsa-200504-18.xml

Patch

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-386.html

Patch

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-601.html

http://secunia.com/advisories/14992

Patch

Vendor Advisory

http://securitytracker.com/id?1013742

Patch

http://securitytracker.com/id?1013743

Patch

http://www.mozilla.org/security/announce/mfsa2005-40.html

Vendor Advisory

http://www.securityfocus.com/bid/13232

Patch

https://bugzilla.mozilla.org/show_bug.cgi?id=290162

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/20123

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100018

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10629

https://nvd.nist.gov/vuln/detail/CVE-2005-1159

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-1159

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-1159

EUVD