CVSS: 5.0EPSS: 2%CPEs: 38EXPL: 1CVE-2005-2263
https://notcve.org/view.php?id=CVE-2005-2263
The InstallTrigger.install method in Firefox before 1.0.5 and Mozilla before 1.7.9 allows remote attackers to execute a callback function in the context of another domain by forcing a page navigation after the install method has been called, which causes the callback to be run in the context of the new page and results in a same origin violation. • http://secunia.com/advisories/16043 http://secunia.com/advisories/16059 http://www.ciac.org/ciac/bulletins/p-252.shtml http://www.debian.org/security/2005/dsa-810 http://www.mozilla.org/security/announce/mfsa2005-48.html http://www.novell.com/linux/security/advisories/2005_18_sr.html http://www.novell.com/linux/security/advisories/2005_45_mozilla.html http://www.redhat.com/support/errata/RHSA-2005-586.html http://www.redhat.com/support/errata/RHSA-2005-587.html http& •
CVSS: 5.1EPSS: 57%CPEs: 2EXPL: 1CVE-2005-2262 – Mozilla Firefox 1.0.4 - 'Set As Wallpaper' Code Execution
https://notcve.org/view.php?id=CVE-2005-2262
Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers to execute arbitrary code by tricking the user into using the "Set As Wallpaper" (in Firefox) or "Set as Background" (in Netscape) context menu on an image URL that is really a javascript: URL with an eval statement, aka "Firewalling." • https://www.exploit-db.com/exploits/1102 http://secunia.com/advisories/16043 http://secunia.com/advisories/16044 http://www.ciac.org/ciac/bulletins/p-252.shtml http://www.mikx.de/firewalling http://www.mozilla.org/security/announce/mfsa2005-47.html http://www.networksecurity.fi/advisories/netscape-multiple-issues.html http://www.novell.com/linux/security/advisories/2005_18_sr.html http://www.novell.com/linux/security/advisories/2005_45_mozilla.html http://www.redhat.com/s •
CVSS: 7.5EPSS: 2%CPEs: 38EXPL: 0CVE-2005-2260
https://notcve.org/view.php?id=CVE-2005-2260
The browser user interface in Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 does not properly distinguish between user-generated events and untrusted synthetic events, which makes it easier for remote attackers to perform dangerous actions that normally could only be performed manually by the user. • http://bugzilla.mozilla.org/show_bug.cgi?id=289940 http://secunia.com/advisories/16043 http://secunia.com/advisories/16044 http://secunia.com/advisories/16059 http://www.ciac.org/ciac/bulletins/p-252.shtml http://www.debian.org/security/2005/dsa-810 http://www.mozilla.org/security/announce/mfsa2005-45.html http://www.networksecurity.fi/advisories/netscape-multiple-issues.html http://www.novell.com/linux/security/advisories/2005_18_sr.html http://www.novell.com/linux/secur •
CVSS: 7.5EPSS: 8%CPEs: 38EXPL: 4CVE-2005-2270
https://notcve.org/view.php?id=CVE-2005-2270
Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone base objects, which allows remote attackers to execute arbitrary code by navigating the prototype chain to reach a privileged object. • http://secunia.com/advisories/16043 http://secunia.com/advisories/16059 http://secunia.com/advisories/19823 http://securitytracker.com/id?1014470 http://www.ciac.org/ciac/bulletins/p-252.shtml http://www.debian.org/security/2005/dsa-810 http://www.kb.cert.org/vuls/id/652366 http://www.mozilla.org/security/announce/mfsa2005-56.html http://www.novell.com/linux/security/advisories/2005_18_sr.html http://www.novell.com/linux/security/advisories/2005_45_mozilla.html htt •
CVSS: 5.0EPSS: 1%CPEs: 38EXPL: 0CVE-2005-2266
https://notcve.org/view.php?id=CVE-2005-2266
Firefox before 1.0.5 and Mozilla before 1.7.9 allows a child frame to call top.focus and other methods in a parent frame, even when the parent is in a different domain, which violates the same origin policy and allows remote attackers to steal sensitive information such as cookies and passwords from web sites whose child frames do not verify that they are in the same domain as their parents. • http://secunia.com/advisories/15549 http://secunia.com/advisories/15551 http://secunia.com/advisories/15553 http://secunia.com/advisories/19823 http://www.debian.org/security/2005/dsa-810 http://www.mozilla.org/security/announce/mfsa2005-52.html http://www.novell.com/linux/security/advisories/2005_18_sr.html http://www.novell.com/linux/security/advisories/2005_45_mozilla.html http://www.novell.com/linux/security/advisories/2006_04_25.html http://www.redhat.com/support/ •