CVSS: 2.6EPSS: 32%CPEs: 9EXPL: 0CVE-2005-0145
https://notcve.org/view.php?id=CVE-2005-0145
Firefox before 1.0 does not properly distinguish between user-generated and synthetic click events, which allows remote attackers to use Javascript to bypass the file download prompt when the user uses the Alt-click feature. • http://www.mozilla.org/security/announce/mfsa2005-07.html http://www.securityfocus.com/bid/12407 https://bugzilla.mozilla.org/show_bug.cgi?id=265176 https://exchange.xforce.ibmcloud.com/vulnerabilities/19170 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100051 •
CVSS: 5.0EPSS: 76%CPEs: 8EXPL: 0CVE-2004-2225
https://notcve.org/view.php?id=CVE-2004-2225
Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button. • http://secunia.com/advisories/12708 http://securitytracker.com/id?1011501 http://www.mozilla.org/projects/security/older-vulnerabilities.html#firefox0.10.1 http://www.osvdb.org/10478 http://www.securityfocus.com/bid/11311 https://bugzilla.mozilla.org/show_bug.cgi?id=259708 •
CVSS: 2.6EPSS: 0%CPEs: 4EXPL: 5CVE-2004-1753
https://notcve.org/view.php?id=CVE-2004-1753
The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs. • http://bugzilla.mozilla.org/show_bug.cgi?id=162134 http://secunia.com/advisories/12392 http://www.securityfocus.com/archive/1/373080 http://www.securityfocus.com/archive/1/373232 http://www.securityfocus.com/archive/1/373309 http://www.securityfocus.com/bid/11059 https://exchange.xforce.ibmcloud.com/vulnerabilities/17137 •
CVSS: 5.0EPSS: 6%CPEs: 8EXPL: 0CVE-2004-2227
https://notcve.org/view.php?id=CVE-2004-2227
Mozilla Firefox before 1.0 truncates long filenames in the file download dialog box, which makes it easier for remote attackers to trick users into downloading files with dangerous extensions. • http://secunia.com/advisories/13144 http://secunia.com/advisories/13724 http://security.gentoo.org/glsa/glsa-200501-03.xml http://www.osvdb.org/11591 https://bugzilla.mozilla.org/show_bug.cgi?id=234416 https://exchange.xforce.ibmcloud.com/vulnerabilities/18016 •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0CVE-2004-2228
https://notcve.org/view.php?id=CVE-2004-2228
Mozilla Firefox before 1.0 is installed with world-writable permissions on Mac OS X, which allows local users to gain privileges. • http://secunia.com/advisories/13144 http://secunia.com/advisories/13724 http://security.gentoo.org/glsa/glsa-200501-03.xml http://www.osvdb.org/11592 http://www.securityfocus.com/bid/11644 https://exchange.xforce.ibmcloud.com/vulnerabilities/18017 •