7.5

CVE-2005-1532

EPSS 17.43%
Veröffentlicht 12.05.2005 04:00:00
Zuletzt bearbeitet 16.04.2026 00:27:16
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CVE-2005-1160.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 17

NVD 36 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version0.8

Mozilla ≫ Firefox Version0.9

Mozilla ≫ Firefox Version0.9 Updaterc

Mozilla ≫ Firefox Version0.9.1

Mozilla ≫ Firefox Version0.9.2

Mozilla ≫ Firefox Version0.9.3

Mozilla ≫ Firefox Version0.10

Mozilla ≫ Firefox Version0.10.1

Mozilla ≫ Firefox Version1.0

Mozilla ≫ Firefox Version1.0.1

Mozilla ≫ Firefox Version1.0.2

Mozilla ≫ Firefox Version1.0.3

Mozilla ≫ Mozilla Version1.3

Mozilla ≫ Mozilla Version1.4

Mozilla ≫ Mozilla Version1.4 Updatealpha

Mozilla ≫ Mozilla Version1.4.1

Mozilla ≫ Mozilla Version1.5

Mozilla ≫ Mozilla Version1.5 Updatealpha

Mozilla ≫ Mozilla Version1.5 Updaterc1

Mozilla ≫ Mozilla Version1.5 Updaterc2

Mozilla ≫ Mozilla Version1.5.1

Mozilla ≫ Mozilla Version1.6

Mozilla ≫ Mozilla Version1.6 Updatealpha

Mozilla ≫ Mozilla Version1.6 Updatebeta

Mozilla ≫ Mozilla Version1.7

Mozilla ≫ Mozilla Version1.7 Updatealpha

Mozilla ≫ Mozilla Version1.7 Updatebeta

Mozilla ≫ Mozilla Version1.7 Updaterc1

Mozilla ≫ Mozilla Version1.7 Updaterc2

Mozilla ≫ Mozilla Version1.7 Updaterc3

Mozilla ≫ Mozilla Version1.7.1

Mozilla ≫ Mozilla Version1.7.2

Mozilla ≫ Mozilla Version1.7.3

Mozilla ≫ Mozilla Version1.7.5

Mozilla ≫ Mozilla Version1.7.6

Mozilla ≫ Mozilla Version1.7.7

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	17.43%	0.945

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt

http://www.securityfocus.com/bid/15495

http://secunia.com/advisories/19823

http://www.novell.com/linux/security/advisories/2006_04_25.html

http://www.redhat.com/support/errata/RHSA-2005-601.html

http://www.redhat.com/support/errata/RHSA-2005-434.html

http://www.redhat.com/support/errata/RHSA-2005-435.html

http://www.vupen.com/english/advisories/2005/0530

http://securitytracker.com/id?1013964

http://securitytracker.com/id?1013965

http://www.mozilla.org/security/announce/mfsa2005-44.html

http://www.securityfocus.com/bid/13645

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100014

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10791

https://nvd.nist.gov/vuln/detail/CVE-2005-1532

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-1532

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-1532

EUVD