CVE-2005-2267

Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may lead to code execution if the standalone application loads a privileged chrome: URL.

Affected Software

Name	Vendor	Start Version	End Version
Firefox	Mozilla	0.8 (including)	0.8 (including)
Firefox	Mozilla	0.9 (including)	0.9 (including)
Firefox	Mozilla	0.9-rc (including)	0.9-rc (including)
Firefox	Mozilla	0.9.1 (including)	0.9.1 (including)
Firefox	Mozilla	0.9.2 (including)	0.9.2 (including)
Firefox	Mozilla	0.9.3 (including)	0.9.3 (including)
Firefox	Mozilla	0.10 (including)	0.10 (including)
Firefox	Mozilla	0.10.1 (including)	0.10.1 (including)
Firefox	Mozilla	1.0 (including)	1.0 (including)
Firefox	Mozilla	1.0.1 (including)	1.0.1 (including)
Firefox	Mozilla	1.0.2 (including)	1.0.2 (including)
Firefox	Mozilla	1.0.3 (including)	1.0.3 (including)
Firefox	Mozilla	1.0.4 (including)	1.0.4 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-2267
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References