PT-2005-2524 · Mozilla+1 · Firefox+2

Moz_Bug_R_A4

Published

2005-05-12

Updated

2017-10-11

CVE-2005-1532

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 1.0.4 Mozilla Suite versions prior to 1.7.8

Description The issue allows remote attackers to conduct unauthorized activities due to improper limitation of privileges of Javascript eval and Script objects in the calling context. This is related to "non-DOM property overrides."

Recommendations For Firefox versions prior to 1.0.4, update to version 1.0.4 or later. For Mozilla Suite versions prior to 1.7.8, update to version 1.7.8 or later.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2005-1532

DSA-781-1

RHSA-2005:434

RHSA-2005:435

RHSA-2005:601

RHSA-2005_434

RHSA-2005_435

RHSA-2005_601

Affected Products

Firefox

Suite

Red Hat

PT-2005-2524 · Mozilla+1 · Firefox+2

CVE-2005-1532

Weakness Enumeration

Related Identifiers

Affected Products

References · 45