PT-2005-2890 · Mozilla+1 · Firefox+2

John Dalbec

Published

2005-06-13

Updated

2017-10-11

CVE-2005-1937

CVSS v2.0

2.6

Low

Vector

AV:N/AC:H/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Firefox version 1.0.3 Mozilla version 1.7.7

Description A regression error allows remote attackers to inject arbitrary Javascript from one page into the frameset of another site. This issue is a re-introduction of a previously identified and addressed vulnerability.

Recommendations For Firefox version 1.0.3, update to a version that addresses this regression error. For Mozilla version 1.7.7, update to a version that addresses this regression error. As a temporary workaround, consider restricting the use of framesets in Firefox and Mozilla until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-1937

DSA-775-1

DSA-777-1

DSA-810-1

DTSA-14-1

DTSA-7-1

DTSA-8-2

RHSA-2005:586

RHSA-2005:587

RHSA-2005_586

RHSA-2005_587

Affected Products

Firefox

Mozilla Firefox

Red Hat

PT-2005-2890 · Mozilla+1 · Firefox+2

CVE-2005-1937

Related Identifiers

Affected Products

References · 48