CVE-2005-1160
First published: Mon Apr 18 2005(Updated: )
The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Firefox | =0.8 | |
| Mozilla Mozilla | =1.7-alpha | |
| Mozilla Mozilla | =1.7-rc1 | |
| Mozilla Mozilla | =1.5-rc2 | |
| Mozilla Firefox | =1.0.2 | |
| Mozilla Mozilla | =1.7 | |
| Mozilla Firefox | =0.9.1 | |
| Mozilla Mozilla | =1.7.5 | |
| Mozilla Firefox | =0.10.1 | |
| Mozilla Firefox | =0.9 | |
| Mozilla Mozilla | =1.6-beta | |
| Mozilla Mozilla | =1.4.1 | |
| Mozilla Mozilla | =1.5-alpha | |
| Mozilla Mozilla | =1.5-rc1 | |
| Mozilla Mozilla | =1.3 | |
| Mozilla Firefox | =1.0 | |
| Mozilla Mozilla | =1.7-beta | |
| Mozilla Firefox | =1.0.1 | |
| Mozilla Mozilla | =1.4 | |
| Mozilla Mozilla | =1.5 | |
| Mozilla Mozilla | =1.7.6 | |
| Mozilla Mozilla | =1.7.1 | |
| Mozilla Firefox | =0.9.3 | |
| Mozilla Mozilla | =1.4-alpha | |
| Mozilla Mozilla | =1.5.1 | |
| Mozilla Firefox | =0.9.2 | |
| Mozilla Mozilla | =1.7.2 | |
| Mozilla Firefox | =0.9-rc | |
| Mozilla Mozilla | =1.7-rc3 | |
| Mozilla Mozilla | =1.7-rc2 | |
| Mozilla Firefox | =0.10 | |
| Mozilla Mozilla | =1.7.3 | |
| Mozilla Mozilla | =1.6-alpha | |
| Mozilla Mozilla | =1.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.mozilla.org/security/announce/mfsa2005-41.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=289074
- https://bugzilla.mozilla.org/show_bug.cgi?id=289083
- https://bugzilla.mozilla.org/show_bug.cgi?id=289961
- http://www.gentoo.org/security/en/glsa/glsa-200504-18.xml
- http://www.redhat.com/support/errata/RHSA-2005-383.html
- http://www.redhat.com/support/errata/RHSA-2005-386.html
- http://secunia.com/advisories/14938
- http://secunia.com/advisories/14992
- http://www.securityfocus.com/bid/15495
- http://www.redhat.com/support/errata/RHSA-2005-384.html
- http://www.redhat.com/support/errata/RHSA-2005-601.html
- http://www.securityfocus.com/bid/13233
- http://secunia.com/advisories/19823
- http://www.novell.com/linux/security/advisories/2006_04_25.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11291
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100017
- agent/type
- agent/remedy
- agent/softwarecombine
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/event
- agent/source
- vendor/mozilla
- canonical/mozilla firefox
- version/mozilla firefox/0.8
- canonical/mozilla mozilla
- version/mozilla mozilla/1.7-alpha
- version/mozilla mozilla/1.7-rc1
- version/mozilla mozilla/1.5-rc2
- version/mozilla firefox/1.0.2
- version/mozilla mozilla/1.7
- version/mozilla firefox/0.9.1
- version/mozilla mozilla/1.7.5
- version/mozilla firefox/0.10.1
- version/mozilla firefox/0.9
- version/mozilla mozilla/1.6-beta
- version/mozilla mozilla/1.4.1
- version/mozilla mozilla/1.5-alpha
- version/mozilla mozilla/1.5-rc1
- version/mozilla mozilla/1.3
- version/mozilla firefox/1.0
- version/mozilla mozilla/1.7-beta
- version/mozilla firefox/1.0.1
- version/mozilla mozilla/1.4
- version/mozilla mozilla/1.5
- version/mozilla mozilla/1.7.6
- version/mozilla mozilla/1.7.1
- version/mozilla firefox/0.9.3
- version/mozilla mozilla/1.4-alpha
- version/mozilla mozilla/1.5.1
- version/mozilla firefox/0.9.2
- version/mozilla mozilla/1.7.2
- version/mozilla firefox/0.9-rc
- version/mozilla mozilla/1.7-rc3
- version/mozilla mozilla/1.7-rc2
- version/mozilla firefox/0.10
- version/mozilla mozilla/1.7.3
- version/mozilla mozilla/1.6-alpha
- version/mozilla mozilla/1.6