CVSS: 2.6EPSS: 0%CPEs: 10EXPL: 0CVE-2005-0144
https://notcve.org/view.php?id=CVE-2005-0144
Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks. • http://www.mozilla.org/security/announce/mfsa2005-04.html http://www.redhat.com/support/errata/RHSA-2005-323.html http://www.redhat.com/support/errata/RHSA-2005-335.html http://www.securityfocus.com/bid/12407 https://bugzilla.mozilla.org/show_bug.cgi?id=262689 https://exchange.xforce.ibmcloud.com/vulnerabilities/19169 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100054 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef •
CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0CVE-2005-0146
https://notcve.org/view.php?id=CVE-2005-0146
Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to obtain sensitive data from the clipboard via Javascript that generates a middle-click event on systems for which a middle-click performs a paste operation. • http://www.mozilla.org/security/announce/mfsa2005-08.html http://www.redhat.com/support/errata/RHSA-2005-335.html http://www.redhat.com/support/errata/RHSA-2005-384.html http://www.securityfocus.com/bid/12407 https://bugzilla.mozilla.org/show_bug.cgi?id=265728 https://exchange.xforce.ibmcloud.com/vulnerabilities/19171 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10362 https://access.redhat.com/security/cve/CVE-2005-0146 https://bugzilla.redhat •
CVSS: 5.0EPSS: 3%CPEs: 9EXPL: 0CVE-2005-0150
https://notcve.org/view.php?id=CVE-2005-0150
Firefox before 1.0 allows the user to store a (1) javascript: or (2) data: URLs as a Livefeed bookmark, then executes it in the security context of the currently loaded page when the user later accesses the bookmark, which could allow remote attackers to execute arbitrary code. • http://www.mozilla.org/security/announce/mfsa2005-12.html http://www.securityfocus.com/bid/12407 https://bugzilla.mozilla.org/show_bug.cgi?id=265668 https://exchange.xforce.ibmcloud.com/vulnerabilities/19187 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100046 •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2005-0147
https://notcve.org/view.php?id=CVE-2005-0147
Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a proxy, respond to 407 proxy auth requests from arbitrary servers, which allows remote attackers to steal NTLM or SPNEGO credentials. • http://www.mozilla.org/security/announce/mfsa2005-09.html http://www.redhat.com/support/errata/RHSA-2005-323.html http://www.securityfocus.com/bid/12407 https://bugzilla.mozilla.org/show_bug.cgi?id=267263 https://exchange.xforce.ibmcloud.com/vulnerabilities/19174 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100049 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9578 •
CVSS: 2.6EPSS: 0%CPEs: 10EXPL: 0CVE-2005-0141
https://notcve.org/view.php?id=CVE-2005-0141
Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab. • http://www.mozilla.org/security/announce/mfsa2005-01.html http://www.redhat.com/support/errata/RHSA-2005-323.html http://www.redhat.com/support/errata/RHSA-2005-335.html http://www.securityfocus.com/bid/12407 https://bugzilla.mozilla.org/show_bug.cgi?id=249332 https://exchange.xforce.ibmcloud.com/vulnerabilities/19168 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100057 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef •