CVE-2005-2262
published 2005-07-13CVE-2005-2262: Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers to execute arbitrary code by tricking the user into using the "Set As Wallpaper" (in…
PriorityP431medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EXPLOIT
EPSS
6.55%
93.0th percentile
Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers to execute arbitrary code by tricking the user into using the "Set As Wallpaper" (in Firefox) or "Set as Background" (in Netscape) context menu on an image URL that is really a javascript: URL with an eval statement, aka "Firewalling."
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
CVSS provenance
nvdv2.05.1MEDIUMAV:N/AC:H/Au:N/C:P/I:P/A:P
vendor_redhat5.1MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-hhwp-x6c3-m33w: Firefox 1
ghsa_unreviewed·2022-05-01
CVE-2005-2262 [MEDIUM] GHSA-hhwp-x6c3-m33w: Firefox 1
Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers to execute arbitrary code by tricking the user into using the "Set As Wallpaper" (in Firefox) or "Set as Background" (in Netscape) context menu on an image URL that is really a javascript: URL with an eval statement, aka "Firewalling."
Ubuntu
Ubuntu 4.10 update for Firefox vulnerabilities
vendor_ubuntu·2005-07-28
CVE-2004-1156 Ubuntu 4.10 update for Firefox vulnerabilities
Title: Ubuntu 4.10 update for Firefox vulnerabilities
Summary: Ubuntu 4.10 update for Firefox vulnerabilities
USN-149-1 fixed some vulnerabilities in the Ubuntu 5.04 (Hoary
Hedgehog) version of Firefox. The version shipped with Ubuntu 4.10
(Warty Warthog) is also vulnerable to these flaws, so it needs to be
upgraded as well. Please see
http://www.ubuntulinux.org/support/documentation/usn/usn-149-1
for the original advisory.
This update also fixes several older vulnerabilities; Some of them
could be exploited to execute arbitrary code with full user privileges
if the user visited a malicious web site. (MFSA-2005-01 to
MFSA-2005-44; please see the following web site for details:
http://www.mozilla.org/projects/security/known-vulnerabilities.html)
Instructions: In general, a standard sy
Red Hat
security flaw
vendor_redhat·2005-07-12·CVSS 5.1
CVE-2005-2262 [MEDIUM] security flaw
security flaw
Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers to execute arbitrary code by tricking the user into using the "Set As Wallpaper" (in Firefox) or "Set as Background" (in Netscape) context menu on an image URL that is really a javascript: URL with an eval statement, aka "Firewalling."
No detection rules found.
http://secunia.com/advisories/16043http://secunia.com/advisories/16044http://www.ciac.org/ciac/bulletins/p-252.shtmlhttp://www.mikx.de/firewalling/http://www.mozilla.org/security/announce/mfsa2005-47.htmlhttp://www.networksecurity.fi/advisories/netscape-multiple-issues.htmlhttp://www.novell.com/linux/security/advisories/2005_18_sr.htmlhttp://www.novell.com/linux/security/advisories/2005_45_mozilla.htmlhttp://www.redhat.com/support/errata/RHSA-2005-586.htmlhttp://www.securiteam.com/securitynews/5ZP0E0UGAK.htmlhttp://www.securityfocus.com/bid/14242http://www.vupen.com/english/advisories/2005/1075https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100011https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11097http://secunia.com/advisories/16043http://secunia.com/advisories/16044http://www.ciac.org/ciac/bulletins/p-252.shtmlhttp://www.mikx.de/firewalling/http://www.mozilla.org/security/announce/mfsa2005-47.htmlhttp://www.networksecurity.fi/advisories/netscape-multiple-issues.htmlhttp://www.novell.com/linux/security/advisories/2005_18_sr.htmlhttp://www.novell.com/linux/security/advisories/2005_45_mozilla.htmlhttp://www.redhat.com/support/errata/RHSA-2005-586.htmlhttp://www.securiteam.com/securitynews/5ZP0E0UGAK.htmlhttp://www.securityfocus.com/bid/14242http://www.vupen.com/english/advisories/2005/1075https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100011https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11097
2005-07-13
Published