CVSS: 2.6EPSS: 0%CPEs: 2EXPL: 1CVE-2005-2602
https://notcve.org/view.php?id=CVE-2005-2602
Mozilla Thunderbird 1.0 and Firefox 1.0.6 allows remote attackers to obfuscate URIs via a long URI, which causes the address bar to go blank and could facilitate phishing attacks. • http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=1682 http://www.securityfocus.com/archive/1/407704 http://www.securityfocus.com/bid/14526 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2429
https://notcve.org/view.php?id=CVE-2005-2429
Firefox, when opening Microsoft Word documents, does not properly set the permissions on shared sections, which allows remote attackers to write arbitrary data to open applications in Microsoft Office. Firefox, cuando abre documentos de Microsoft Word, no fija adecuadamente los permisos en secciones compartidas, lo que permite que atacantes remotos escriban datos arbitrarios en aplicaciones abiertas en Microsoft Office. • http://marc.info/?l=bugtraq&m=112248181422193&w=2 http://secunia.com/advisories/16256 http://www.osvdb.org/18484 https://exchange.xforce.ibmcloud.com/vulnerabilities/24346 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 1CVE-2005-2395
https://notcve.org/view.php?id=CVE-2005-2395
Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the strongest authentication scheme available as required by RFC2617, which might cause credentials to be sent in plaintext even if an encrypted channel is available. Mozilla Firefox 1.0.4 and 1.0.5 no elige el esquema de autentificación más fuerte disponible, como requiere la RFC2617, lo que podría provocar que las credenciales se envíen en texto plano, aunque haya disponible un canal encriptado. • http://securityreason.com/securityalert/8 http://www.osvdb.org/19002 http://www.securiteam.com/securitynews/5PP0L00GUQ.html http://www.securityfocus.com/archive/1/405666 http://www.securityfocus.com/bid/14325 https://bugzilla.mozilla.org/show_bug.cgi?id=281851 https://exchange.xforce.ibmcloud.com/vulnerabilities/22272 •
CVSS: 5.0EPSS: 2%CPEs: 38EXPL: 1CVE-2005-2263
https://notcve.org/view.php?id=CVE-2005-2263
The InstallTrigger.install method in Firefox before 1.0.5 and Mozilla before 1.7.9 allows remote attackers to execute a callback function in the context of another domain by forcing a page navigation after the install method has been called, which causes the callback to be run in the context of the new page and results in a same origin violation. • http://secunia.com/advisories/16043 http://secunia.com/advisories/16059 http://www.ciac.org/ciac/bulletins/p-252.shtml http://www.debian.org/security/2005/dsa-810 http://www.mozilla.org/security/announce/mfsa2005-48.html http://www.novell.com/linux/security/advisories/2005_18_sr.html http://www.novell.com/linux/security/advisories/2005_45_mozilla.html http://www.redhat.com/support/errata/RHSA-2005-586.html http://www.redhat.com/support/errata/RHSA-2005-587.html http& •
CVSS: 5.1EPSS: 57%CPEs: 2EXPL: 1CVE-2005-2262 – Mozilla Firefox 1.0.4 - 'Set As Wallpaper' Code Execution
https://notcve.org/view.php?id=CVE-2005-2262
Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers to execute arbitrary code by tricking the user into using the "Set As Wallpaper" (in Firefox) or "Set as Background" (in Netscape) context menu on an image URL that is really a javascript: URL with an eval statement, aka "Firewalling." • https://www.exploit-db.com/exploits/1102 http://secunia.com/advisories/16043 http://secunia.com/advisories/16044 http://www.ciac.org/ciac/bulletins/p-252.shtml http://www.mikx.de/firewalling http://www.mozilla.org/security/announce/mfsa2005-47.html http://www.networksecurity.fi/advisories/netscape-multiple-issues.html http://www.novell.com/linux/security/advisories/2005_18_sr.html http://www.novell.com/linux/security/advisories/2005_45_mozilla.html http://www.redhat.com/s •