CVE-2005-1160 — Mozilla Firefox vulnerability

13 documents6 sources

Severity

7.5HIGHNVD

NVD5.1CNA5.1

EPSS

4.3%

top 11.13%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla

Timeline

PublishedMay 2

Latest updateMay 3

Description

The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages2 packages

▶NVDmozilla/firefox11 versions+10

▶NVDmozilla/mozilla13 versions+12

Patches

Patch: secunia.com ↗Patch: secunia.com ↗Patch: www.gentoo.org ↗

🔴Vulnerability Details

GHSA

GHSA-ffv2-fj33-mvch: Firefox before 1↗2022-05-03

▶

GHSA

GHSA-r5gq-7c27-jhm8: The privileged "chrome" UI code in Firefox before 1↗2022-05-03

▶

CVEList

CVE-2005-1532: Firefox before 1↗2005-05-12

▶

CVEList

CVE-2005-1160: The privileged "chrome" UI code in Firefox before 1↗2005-04-18

▶

📋Vendor Advisories

Ubuntu

Mozilla Thunderbird vulnerabilities↗2005-08-01

▶

Ubuntu

Ubuntu 4.10 update for Firefox vulnerabilities↗2005-07-28

▶

Red Hat

security flaw↗2005-05-18

▶

Ubuntu

Mozilla and Firefox vulnerabilities↗2005-05-11

▶

Red Hat

security flaw↗2005-04-15

▶

💬Community

Bugzilla

CVE-2005-1532 security flaw↗2018-08-16

▶

Bugzilla

CVE-2005-1160 security flaw↗2018-08-16

▶