CVE-2005-0142 — Mozilla Firefox vulnerability

6 documents6 sources

Severity

2.1LOWNVD

EPSS

0.1%

top 81.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Mozilla Thunderbird

Timeline

PublishedMay 2

Latest updateMay 1

Description

Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. content that is managed by helper applications such as PDF.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages3 packages

▶NVDmozilla/firefox0.9

▶NVDmozilla/thunderbird0.6, 0.7, 0.8+2

▶NVDmozilla/mozilla4 versions+3

Patches

Patch: www.redhat.com ↗Patch: www.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-q449-wmj9-fjj4: Firefox 0↗2022-05-01

▶

CVEList

CVE-2005-0142: Firefox 0↗2005-01-29

▶

📋Vendor Advisories

Ubuntu

Ubuntu 4.10 update for Firefox vulnerabilities↗2005-07-28

▶

Red Hat

security flaw↗2005-01-20

▶

💬Community

Bugzilla

CVE-2005-0142 security flaw↗2018-08-16

▶