PT-2005-2523 · Mozilla+1 · Firefox+2

Georgi Guninski

Publicado

2005-05-12

Atualizado

2017-10-11

CVE-2005-1531

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 1.0.4 Mozilla Suite versions prior to 1.7.8

Description The issue is related to improper implementation of security checks for script injection, allowing remote attackers to execute scripts via javascript: URLs. This can be achieved through various methods, including using a javascript: URL in a view-source: URL, a javascript: URL in a jar: URL, or a nested variant.

Recommendations For Firefox versions prior to 1.0.4, update to version 1.0.4 or later to resolve the issue. For Mozilla Suite versions prior to 1.7.8, update to version 1.7.8 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-1531

RHSA-2005:434

RHSA-2005:435

RHSA-2005_434

RHSA-2005_435

Produtos afetados

Firefox

Suite

Red Hat

PT-2005-2523 · Mozilla+1 · Firefox+2

CVE-2005-1531

Identificadores relacionados

Produtos afetados

Referências · 20