CVE-2005-2262

Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers to execute arbitrary code by tricking the user into using the "Set As Wallpaper" (in Firefox) or "Set as Background" (in Netscape) context menu on an image URL that is really a javascript: URL with an eval statement, aka "Firewalling."
References
Link Resource
http://secunia.com/advisories/16043
http://secunia.com/advisories/16044
http://www.ciac.org/ciac/bulletins/p-252.shtml
http://www.mikx.de/firewalling/
http://www.mozilla.org/security/announce/mfsa2005-47.html
http://www.networksecurity.fi/advisories/netscape-multiple-issues.html
http://www.novell.com/linux/security/advisories/2005_18_sr.html
http://www.novell.com/linux/security/advisories/2005_45_mozilla.html
http://www.redhat.com/support/errata/RHSA-2005-586.html
http://www.securiteam.com/securitynews/5ZP0E0UGAK.html
http://www.securityfocus.com/bid/14242
http://www.vupen.com/english/advisories/2005/1075
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100011
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11097
http://secunia.com/advisories/16043
http://secunia.com/advisories/16044
http://www.ciac.org/ciac/bulletins/p-252.shtml
http://www.mikx.de/firewalling/
http://www.mozilla.org/security/announce/mfsa2005-47.html
http://www.networksecurity.fi/advisories/netscape-multiple-issues.html
http://www.novell.com/linux/security/advisories/2005_18_sr.html
http://www.novell.com/linux/security/advisories/2005_45_mozilla.html
http://www.redhat.com/support/errata/RHSA-2005-586.html
http://www.securiteam.com/securitynews/5ZP0E0UGAK.html
http://www.securityfocus.com/bid/14242
http://www.vupen.com/english/advisories/2005/1075
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100011
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11097
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*

History

20 Nov 2024, 23:59

Type Values Removed Values Added
References () http://secunia.com/advisories/16043 - () http://secunia.com/advisories/16043 -
References () http://secunia.com/advisories/16044 - () http://secunia.com/advisories/16044 -
References () http://www.ciac.org/ciac/bulletins/p-252.shtml - () http://www.ciac.org/ciac/bulletins/p-252.shtml -
References () http://www.mikx.de/firewalling/ - () http://www.mikx.de/firewalling/ -
References () http://www.mozilla.org/security/announce/mfsa2005-47.html - () http://www.mozilla.org/security/announce/mfsa2005-47.html -
References () http://www.networksecurity.fi/advisories/netscape-multiple-issues.html - () http://www.networksecurity.fi/advisories/netscape-multiple-issues.html -
References () http://www.novell.com/linux/security/advisories/2005_18_sr.html - () http://www.novell.com/linux/security/advisories/2005_18_sr.html -
References () http://www.novell.com/linux/security/advisories/2005_45_mozilla.html - () http://www.novell.com/linux/security/advisories/2005_45_mozilla.html -
References () http://www.redhat.com/support/errata/RHSA-2005-586.html - () http://www.redhat.com/support/errata/RHSA-2005-586.html -
References () http://www.securiteam.com/securitynews/5ZP0E0UGAK.html - () http://www.securiteam.com/securitynews/5ZP0E0UGAK.html -
References () http://www.securityfocus.com/bid/14242 - () http://www.securityfocus.com/bid/14242 -
References () http://www.vupen.com/english/advisories/2005/1075 - () http://www.vupen.com/english/advisories/2005/1075 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100011 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100011 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11097 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11097 -

Information

Published : 2005-07-13 04:00

Updated : 2024-11-20 23:59


NVD link : CVE-2005-2262

Mitre link : CVE-2005-2262

CVE.ORG link : CVE-2005-2262


JSON object : View

Products Affected

mozilla

  • firefox