CVE Vulnerabilities

CVE-2005-1531

Published: May 12, 2005 | Modified: Oct 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via Wrapped javascript: URLs, as demonstrated using (1) a javascript: URL in a view-source: URL, (2) a javascript: URL in a jar: URL, or (3) a nested variant.

Affected Software

Name Vendor Start Version End Version
Firefox Mozilla 0.8 0.8
Mozilla Mozilla 1.7 1.7
Mozilla Mozilla 1.7 1.7
Mozilla Mozilla 1.5 1.5
Firefox Mozilla 1.0.2 1.0.2
Mozilla Mozilla 1.7 1.7
Firefox Mozilla 0.9.1 0.9.1
Mozilla Mozilla 1.7.5 1.7.5
Firefox Mozilla 0.10.1 0.10.1
Firefox Mozilla 0.9 0.9
Mozilla Mozilla 1.6 1.6
Mozilla Mozilla 1.4.1 1.4.1
Mozilla Mozilla 1.5 1.5
Mozilla Mozilla 1.5 1.5
Mozilla Mozilla 1.7.7 1.7.7
Firefox Mozilla 1.0 1.0
Mozilla Mozilla 1.7 1.7
Firefox Mozilla 1.0.1 1.0.1
Mozilla Mozilla * 1.4
Mozilla Mozilla 1.5 1.5
Firefox Mozilla 1.0.3 1.0.3
Mozilla Mozilla 1.7.6 1.7.6
Mozilla Mozilla 1.7.1 1.7.1
Firefox Mozilla 0.9.3 0.9.3
Mozilla Mozilla 1.5.1 1.5.1
Firefox Mozilla 0.9.2 0.9.2
Mozilla Mozilla 1.7.2 1.7.2
Firefox Mozilla 0.9 0.9
Mozilla Mozilla 1.7 1.7
Mozilla Mozilla 1.7 1.7
Firefox Mozilla 0.10 0.10
Mozilla Mozilla 1.7.3 1.7.3
Mozilla Mozilla 1.6 1.6
Mozilla Mozilla 1.6 1.6

References