CVE-2005-2267
Last modified
CVE-2005-2267 is a vulnerability of currently unknown severity. Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may lead to code execution if the standalone application loads a privileged chrome: URL.. EPSS estimates a 4.49% chance of exploitation in the next 30 days.
Description
Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may lead to code execution if the standalone application loads a privileged chrome: URL.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Mozilla | Firefox | 0.8 |
| Mozilla | Firefox | 0.9 |
| Mozilla | Firefox | 0.9.1 |
| Mozilla | Firefox | 0.9.2 |
| Mozilla | Firefox | 0.9.3 |
| Mozilla | Firefox | 0.10 |
| Mozilla | Firefox | 0.10.1 |
| Mozilla | Firefox | 1.0 |
| Mozilla | Firefox | 1.0.1 |
| Mozilla | Firefox | 1.0.2 |
| Mozilla | Firefox | 1.0.3 |
| Mozilla | Firefox | 1.0.4 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2005-2267?
How severe is CVE-2005-2267?
How do I fix CVE-2005-2267?
Are you affected by CVE-2005-2267?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST