CVSS: 7.5EPSS: 10%CPEs: 13EXPL: 1CVE-2005-2264
https://notcve.org/view.php?id=CVE-2005-2264
Firefox before 1.0.5 allows remote attackers to steal sensitive information by opening a malicious link in the Firefox sidebar using the _search target, then injecting script into other pages via a data: URL. • http://secunia.com/advisories/16043 http://www.ciac.org/ciac/bulletins/p-252.shtml http://www.mozilla.org/security/announce/mfsa2005-49.html http://www.novell.com/linux/security/advisories/2005_18_sr.html http://www.novell.com/linux/security/advisories/2005_45_mozilla.html http://www.redhat.com/support/errata/RHSA-2005-586.html http://www.securityfocus.com/bid/14242 http://www.vupen.com/english/advisories/2005/1075 https://bugzilla.mozilla.org/show_bug.cgi?id=294074 h •
CVSS: 5.0EPSS: 96%CPEs: 38EXPL: 4CVE-2005-2265 – Mozilla Suite/Firefox compareTo() Code Execution
https://notcve.org/view.php?id=CVE-2005-2265
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 allows remote attackers to cause a denial of service (access violation and crash), and possibly execute arbitrary code, by calling InstallVersion.compareTo with an object instead of a string. • https://www.exploit-db.com/exploits/16306 https://www.exploit-db.com/exploits/9947 http://secunia.com/advisories/16043 http://secunia.com/advisories/16044 http://secunia.com/advisories/16059 http://secunia.com/advisories/19823 http://www.ciac.org/ciac/bulletins/p-252.shtml http://www.debian.org/security/2005/dsa-810 http://www.mozilla.org/security/announce/mfsa2005-50.html http://www.networksecurity.fi/advisories/netscape-multiple-issues.html http://www.novell.com/linux •
CVSS: 7.5EPSS: 2%CPEs: 38EXPL: 0CVE-2005-2260
https://notcve.org/view.php?id=CVE-2005-2260
The browser user interface in Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 does not properly distinguish between user-generated events and untrusted synthetic events, which makes it easier for remote attackers to perform dangerous actions that normally could only be performed manually by the user. • http://bugzilla.mozilla.org/show_bug.cgi?id=289940 http://secunia.com/advisories/16043 http://secunia.com/advisories/16044 http://secunia.com/advisories/16059 http://www.ciac.org/ciac/bulletins/p-252.shtml http://www.debian.org/security/2005/dsa-810 http://www.mozilla.org/security/announce/mfsa2005-45.html http://www.networksecurity.fi/advisories/netscape-multiple-issues.html http://www.novell.com/linux/security/advisories/2005_18_sr.html http://www.novell.com/linux/secur •
CVSS: 7.5EPSS: 8%CPEs: 38EXPL: 4CVE-2005-2270
https://notcve.org/view.php?id=CVE-2005-2270
Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone base objects, which allows remote attackers to execute arbitrary code by navigating the prototype chain to reach a privileged object. • http://secunia.com/advisories/16043 http://secunia.com/advisories/16059 http://secunia.com/advisories/19823 http://securitytracker.com/id?1014470 http://www.ciac.org/ciac/bulletins/p-252.shtml http://www.debian.org/security/2005/dsa-810 http://www.kb.cert.org/vuls/id/652366 http://www.mozilla.org/security/announce/mfsa2005-56.html http://www.novell.com/linux/security/advisories/2005_18_sr.html http://www.novell.com/linux/security/advisories/2005_45_mozilla.html htt •
CVSS: 7.5EPSS: 64%CPEs: 13EXPL: 0CVE-2005-2267
https://notcve.org/view.php?id=CVE-2005-2267
Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may lead to code execution if the standalone application loads a privileged chrome: URL. • http://secunia.com/advisories/16043 http://securitytracker.com/id?1014469 http://www.ciac.org/ciac/bulletins/p-252.shtml http://www.mozilla.org/security/announce/mfsa2005-53.html http://www.novell.com/linux/security/advisories/2005_18_sr.html http://www.novell.com/linux/security/advisories/2005_45_mozilla.html http://www.redhat.com/support/errata/RHSA-2005-586.html http://www.redhat.com/support/errata/RHSA-2005-587.html http://www.securityfocus.com/bid/14242 http:/&#x •