CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2429
https://notcve.org/view.php?id=CVE-2005-2429
Firefox, when opening Microsoft Word documents, does not properly set the permissions on shared sections, which allows remote attackers to write arbitrary data to open applications in Microsoft Office. Firefox, cuando abre documentos de Microsoft Word, no fija adecuadamente los permisos en secciones compartidas, lo que permite que atacantes remotos escriban datos arbitrarios en aplicaciones abiertas en Microsoft Office. • http://marc.info/?l=bugtraq&m=112248181422193&w=2 http://secunia.com/advisories/16256 http://www.osvdb.org/18484 https://exchange.xforce.ibmcloud.com/vulnerabilities/24346 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 1CVE-2005-2395
https://notcve.org/view.php?id=CVE-2005-2395
Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the strongest authentication scheme available as required by RFC2617, which might cause credentials to be sent in plaintext even if an encrypted channel is available. Mozilla Firefox 1.0.4 and 1.0.5 no elige el esquema de autentificación más fuerte disponible, como requiere la RFC2617, lo que podría provocar que las credenciales se envíen en texto plano, aunque haya disponible un canal encriptado. • http://securityreason.com/securityalert/8 http://www.osvdb.org/19002 http://www.securiteam.com/securitynews/5PP0L00GUQ.html http://www.securityfocus.com/archive/1/405666 http://www.securityfocus.com/bid/14325 https://bugzilla.mozilla.org/show_bug.cgi?id=281851 https://exchange.xforce.ibmcloud.com/vulnerabilities/22272 •
CVSS: 7.5EPSS: 9%CPEs: 38EXPL: 1CVE-2005-2269
https://notcve.org/view.php?id=CVE-2005-2269
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as demonstrated using an XHTML document with IMG tags with custom properties ("XHTML node spoofing"). • http://secunia.com/advisories/16043 http://secunia.com/advisories/16044 http://secunia.com/advisories/16059 http://secunia.com/advisories/19823 http://www.ciac.org/ciac/bulletins/p-252.shtml http://www.debian.org/security/2005/dsa-810 http://www.mozilla.org/security/announce/mfsa2005-55.html http://www.networksecurity.fi/advisories/netscape-multiple-issues.html http://www.novell.com/linux/security/advisories/2005_18_sr.html http://www.novell.com/linux/security/advisories/2005& •
CVSS: 2.6EPSS: 0%CPEs: 38EXPL: 2CVE-2005-2268
https://notcve.org/view.php?id=CVE-2005-2268
Firefox before 1.0.5 and Mozilla before 1.7.9 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability." • http://secunia.com/advisories/15489 http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test http://www.debian.org/security/2005/dsa-810 http://www.mozilla.org/security/announce/mfsa2005-54.html http://www.novell.com/linux/security/advisories/2005_18_sr.html http://www.novell.com/linux/security/advisories/2005_45_mozilla.html http://www.redhat.com/support/errata/RHSA-2005-586.html http://www.redhat.com/support/errata/RHSA-2005-587.html http://www.securityfocus.com&# •
CVSS: 5.0EPSS: 1%CPEs: 38EXPL: 0CVE-2005-2266
https://notcve.org/view.php?id=CVE-2005-2266
Firefox before 1.0.5 and Mozilla before 1.7.9 allows a child frame to call top.focus and other methods in a parent frame, even when the parent is in a different domain, which violates the same origin policy and allows remote attackers to steal sensitive information such as cookies and passwords from web sites whose child frames do not verify that they are in the same domain as their parents. • http://secunia.com/advisories/15549 http://secunia.com/advisories/15551 http://secunia.com/advisories/15553 http://secunia.com/advisories/19823 http://www.debian.org/security/2005/dsa-810 http://www.mozilla.org/security/announce/mfsa2005-52.html http://www.novell.com/linux/security/advisories/2005_18_sr.html http://www.novell.com/linux/security/advisories/2005_45_mozilla.html http://www.novell.com/linux/security/advisories/2006_04_25.html http://www.redhat.com/support/ •