// For flags

CVE-2005-2265

Mozilla Suite/Firefox compareTo() Code Execution

Severity Score

5.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

4
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 allows remote attackers to cause a denial of service (access violation and crash), and possibly execute arbitrary code, by calling InstallVersion.compareTo with an object instead of a string.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2005-07-13 CVE Reserved
  • 2005-07-13 CVE Published
  • 2005-07-13 First Exploit
  • 2024-06-19 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
References (27)
URL Tag Source
http://secunia.com/advisories/16043 Third Party Advisory
http://secunia.com/advisories/16044 Third Party Advisory
http://secunia.com/advisories/16059 Third Party Advisory
http://secunia.com/advisories/19823 Third Party Advisory
http://www.ciac.org/ciac/bulletins/p-252.shtml Government Resource
http://www.networksecurity.fi/advisories/netscape-multiple-issues.html X_refsource_misc
http://www.securityfocus.com/bid/14242 Vdb Entry
http://www.vupen.com/english/advisories/2005/1075 Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100008 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10397 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A417 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A781 Signature
URL Date SRC
https://www.exploit-db.com/exploits/16306 2010-09-20
https://www.exploit-db.com/exploits/9947 2005-07-13
https://bugzilla.mozilla.org/show_bug.cgi?id=295854 2024-08-07
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/browser/mozilla_compareto.rb 2005-07-13
URL Date SRC
http://www.mozilla.org/security/announce/mfsa2005-50.html 2005-07-13
URL Date SRC
http://www.debian.org/security/2005/dsa-810 2017-10-11
http://www.novell.com/linux/security/advisories/2005_18_sr.html 2017-10-11
http://www.novell.com/linux/security/advisories/2005_45_mozilla.html 2017-10-11
http://www.novell.com/linux/security/advisories/2006_04_25.html 2017-10-11
http://www.redhat.com/support/errata/RHSA-2005-586.html 2017-10-11
http://www.redhat.com/support/errata/RHSA-2005-587.html 2017-10-11
http://www.redhat.com/support/errata/RHSA-2005-601.html 2017-10-11
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=160202 2017-10-11
https://access.redhat.com/security/cve/CVE-2005-2265 2005-07-21
https://bugzilla.redhat.com/show_bug.cgi?id=1617699 2005-07-21
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 0.8
Search vendor "Mozilla" for product "Firefox" and version "0.8"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 0.9
Search vendor "Mozilla" for product "Firefox" and version "0.9"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 0.9
Search vendor "Mozilla" for product "Firefox" and version "0.9"
rc
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 0.9.1
Search vendor "Mozilla" for product "Firefox" and version "0.9.1"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 0.9.2
Search vendor "Mozilla" for product "Firefox" and version "0.9.2"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 0.9.3
Search vendor "Mozilla" for product "Firefox" and version "0.9.3"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 0.10
Search vendor "Mozilla" for product "Firefox" and version "0.10"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 0.10.1
Search vendor "Mozilla" for product "Firefox" and version "0.10.1"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 1.0
Search vendor "Mozilla" for product "Firefox" and version "1.0"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 1.0.1
Search vendor "Mozilla" for product "Firefox" and version "1.0.1"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 1.0.2
Search vendor "Mozilla" for product "Firefox" and version "1.0.2"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 1.0.3
Search vendor "Mozilla" for product "Firefox" and version "1.0.3"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 1.0.4
Search vendor "Mozilla" for product "Firefox" and version "1.0.4"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.3
Search vendor "Mozilla" for product "Mozilla" and version "1.3"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.4
Search vendor "Mozilla" for product "Mozilla" and version "1.4"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.4
Search vendor "Mozilla" for product "Mozilla" and version "1.4"
alpha
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.4.1
Search vendor "Mozilla" for product "Mozilla" and version "1.4.1"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.5
Search vendor "Mozilla" for product "Mozilla" and version "1.5"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.5
Search vendor "Mozilla" for product "Mozilla" and version "1.5"
alpha
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.5
Search vendor "Mozilla" for product "Mozilla" and version "1.5"
rc1
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.5
Search vendor "Mozilla" for product "Mozilla" and version "1.5"
rc2
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.5.1
Search vendor "Mozilla" for product "Mozilla" and version "1.5.1"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.6
Search vendor "Mozilla" for product "Mozilla" and version "1.6"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.6
Search vendor "Mozilla" for product "Mozilla" and version "1.6"
alpha
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.6
Search vendor "Mozilla" for product "Mozilla" and version "1.6"
beta
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7
Search vendor "Mozilla" for product "Mozilla" and version "1.7"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7
Search vendor "Mozilla" for product "Mozilla" and version "1.7"
alpha
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7
Search vendor "Mozilla" for product "Mozilla" and version "1.7"
beta
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7
Search vendor "Mozilla" for product "Mozilla" and version "1.7"
rc1
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7
Search vendor "Mozilla" for product "Mozilla" and version "1.7"
rc2
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7
Search vendor "Mozilla" for product "Mozilla" and version "1.7"
rc3
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7.1
Search vendor "Mozilla" for product "Mozilla" and version "1.7.1"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7.2
Search vendor "Mozilla" for product "Mozilla" and version "1.7.2"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7.3
Search vendor "Mozilla" for product "Mozilla" and version "1.7.3"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7.5
Search vendor "Mozilla" for product "Mozilla" and version "1.7.5"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7.6
Search vendor "Mozilla" for product "Mozilla" and version "1.7.6"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7.7
Search vendor "Mozilla" for product "Mozilla" and version "1.7.7"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7.8
Search vendor "Mozilla" for product "Mozilla" and version "1.7.8"
-
Affected