CVE Vulnerabilities

CVE-2005-1154

Published: May 02, 2005 | Modified: Oct 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary script in other domains via a setter function for a variable in the target domain, which is executed when the user visits that domain, aka Cross-site scripting through global scope pollution.

Affected Software

Name Vendor Start Version End Version
Firefox Mozilla 0.8 0.8
Mozilla Mozilla 1.7 1.7
Mozilla Mozilla 1.7 1.7
Mozilla Mozilla 1.5 1.5
Firefox Mozilla 1.0.2 1.0.2
Mozilla Mozilla 1.7 1.7
Firefox Mozilla 0.9.1 0.9.1
Mozilla Mozilla 1.7.5 1.7.5
Firefox Mozilla 0.10.1 0.10.1
Firefox Mozilla 0.9 0.9
Mozilla Mozilla 1.6 1.6
Mozilla Mozilla 1.4.1 1.4.1
Mozilla Mozilla 1.5 1.5
Mozilla Mozilla 1.5 1.5
Mozilla Mozilla 1.3 1.3
Firefox Mozilla 1.0 1.0
Mozilla Mozilla 1.7 1.7
Firefox Mozilla 1.0.1 1.0.1
Mozilla Mozilla 1.4 1.4
Mozilla Mozilla 1.5 1.5
Mozilla Mozilla 1.7.6 1.7.6
Mozilla Mozilla 1.7.1 1.7.1
Firefox Mozilla 0.9.3 0.9.3
Mozilla Mozilla 1.4 1.4
Mozilla Mozilla 1.5.1 1.5.1
Firefox Mozilla 0.9.2 0.9.2
Mozilla Mozilla 1.7.2 1.7.2
Firefox Mozilla 0.9 0.9
Mozilla Mozilla 1.7 1.7
Mozilla Mozilla 1.7 1.7
Firefox Mozilla 0.10 0.10
Mozilla Mozilla 1.7.3 1.7.3
Mozilla Mozilla 1.6 1.6
Mozilla Mozilla 1.6 1.6

References