PT-2005-2890 · Mozilla+1 · Firefox+2

John Dalbec

Publicado

2005-06-13

Atualizado

2017-10-11

CVE-2005-1937

CVSS v2.0

2.6

Baixa

Vetor

AV:N/AC:H/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Firefox version 1.0.3 Mozilla version 1.7.7

Description A regression error allows remote attackers to inject arbitrary Javascript from one page into the frameset of another site. This issue is a re-introduction of a previously identified and addressed vulnerability.

Recommendations For Firefox version 1.0.3, update to a version that addresses this regression error. For Mozilla version 1.7.7, update to a version that addresses this regression error. As a temporary workaround, consider restricting the use of framesets in Firefox and Mozilla until a patch is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-1937

DSA-775-1

DSA-777-1

DSA-810-1

DTSA-14-1

DTSA-7-1

DTSA-8-2

RHSA-2005:586

RHSA-2005:587

RHSA-2005_586

RHSA-2005_587

Produtos afetados

Firefox

Mozilla Firefox

Red Hat

PT-2005-2890 · Mozilla+1 · Firefox+2

CVE-2005-1937

Identificadores relacionados

Produtos afetados

Referências · 48