CVE-2005-2706

6 documents6 sources
Severity
6.4MEDIUM
EPSS
3.0%
top 13.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla FirefoxMozilla Mozilla Suite
Timeline
PublishedSep 23
Latest updateMay 3

Description

Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote attackers to execute Javascript with chrome privileges via an about: page such as about:mozilla.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages2 packages

NVDmozilla/firefox1.0.6+6
NVDmozilla/mozilla_suite1.7.11+4

🔴Vulnerability Details

2
GHSA
GHSA-whcc-xgj9-gfj9: Firefox before 12022-05-03
CVEList
CVE-2005-2706: Firefox before 12005-09-23

📋Vendor Advisories

2
Ubuntu
Thunderbird vulnerabilities2005-10-11
Red Hat
security flaw2005-09-22

💬Community

1
Bugzilla
CVE-2005-2706 security flaw2018-08-16
CVE-2005-2706 (MEDIUM CVSS 6.4) | Firefox before 1.0.7 and Mozilla be | cvebase.io