// For flags

CVE-2005-2266

 

Severity Score

5.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Firefox before 1.0.5 and Mozilla before 1.7.9 allows a child frame to call top.focus and other methods in a parent frame, even when the parent is in a different domain, which violates the same origin policy and allows remote attackers to steal sensitive information such as cookies and passwords from web sites whose child frames do not verify that they are in the same domain as their parents.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2005-07-13 CVE Reserved
  • 2005-07-13 CVE Published
  • 2024-06-19 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (22)
URL Tag Source
http://secunia.com/advisories/15549 Third Party Advisory
http://secunia.com/advisories/15551 Third Party Advisory
http://secunia.com/advisories/15553 Third Party Advisory
http://secunia.com/advisories/19823 Third Party Advisory
http://www.securityfocus.com/bid/14242 Vdb Entry
http://www.vupen.com/english/advisories/2005/1075 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/21332 Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100107 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10712 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1415 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A773 Signature
URL Date SRC
URL Date SRC
http://www.mozilla.org/security/announce/mfsa2005-52.html 2017-10-11
URL Date SRC
http://www.debian.org/security/2005/dsa-810 2017-10-11
http://www.novell.com/linux/security/advisories/2005_18_sr.html 2017-10-11
http://www.novell.com/linux/security/advisories/2005_45_mozilla.html 2017-10-11
http://www.novell.com/linux/security/advisories/2006_04_25.html 2017-10-11
http://www.redhat.com/support/errata/RHSA-2005-586.html 2017-10-11
http://www.redhat.com/support/errata/RHSA-2005-587.html 2017-10-11
http://www.redhat.com/support/errata/RHSA-2005-601.html 2017-10-11
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=160202 2017-10-11
https://access.redhat.com/security/cve/CVE-2005-2266 2005-07-21
https://bugzilla.redhat.com/show_bug.cgi?id=1617700 2005-07-21
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 0.8
Search vendor "Mozilla" for product "Firefox" and version "0.8"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 0.9
Search vendor "Mozilla" for product "Firefox" and version "0.9"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 0.9
Search vendor "Mozilla" for product "Firefox" and version "0.9"
rc
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 0.9.1
Search vendor "Mozilla" for product "Firefox" and version "0.9.1"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 0.9.2
Search vendor "Mozilla" for product "Firefox" and version "0.9.2"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 0.9.3
Search vendor "Mozilla" for product "Firefox" and version "0.9.3"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 0.10
Search vendor "Mozilla" for product "Firefox" and version "0.10"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 0.10.1
Search vendor "Mozilla" for product "Firefox" and version "0.10.1"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 1.0
Search vendor "Mozilla" for product "Firefox" and version "1.0"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 1.0.1
Search vendor "Mozilla" for product "Firefox" and version "1.0.1"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 1.0.2
Search vendor "Mozilla" for product "Firefox" and version "1.0.2"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 1.0.3
Search vendor "Mozilla" for product "Firefox" and version "1.0.3"
-
Affected
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 1.0.4
Search vendor "Mozilla" for product "Firefox" and version "1.0.4"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.3
Search vendor "Mozilla" for product "Mozilla" and version "1.3"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.4
Search vendor "Mozilla" for product "Mozilla" and version "1.4"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.4
Search vendor "Mozilla" for product "Mozilla" and version "1.4"
alpha
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.4.1
Search vendor "Mozilla" for product "Mozilla" and version "1.4.1"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.5
Search vendor "Mozilla" for product "Mozilla" and version "1.5"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.5
Search vendor "Mozilla" for product "Mozilla" and version "1.5"
alpha
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.5
Search vendor "Mozilla" for product "Mozilla" and version "1.5"
rc1
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.5
Search vendor "Mozilla" for product "Mozilla" and version "1.5"
rc2
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.5.1
Search vendor "Mozilla" for product "Mozilla" and version "1.5.1"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.6
Search vendor "Mozilla" for product "Mozilla" and version "1.6"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.6
Search vendor "Mozilla" for product "Mozilla" and version "1.6"
alpha
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.6
Search vendor "Mozilla" for product "Mozilla" and version "1.6"
beta
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7
Search vendor "Mozilla" for product "Mozilla" and version "1.7"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7
Search vendor "Mozilla" for product "Mozilla" and version "1.7"
alpha
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7
Search vendor "Mozilla" for product "Mozilla" and version "1.7"
beta
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7
Search vendor "Mozilla" for product "Mozilla" and version "1.7"
rc1
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7
Search vendor "Mozilla" for product "Mozilla" and version "1.7"
rc2
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7
Search vendor "Mozilla" for product "Mozilla" and version "1.7"
rc3
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7.1
Search vendor "Mozilla" for product "Mozilla" and version "1.7.1"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7.2
Search vendor "Mozilla" for product "Mozilla" and version "1.7.2"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7.3
Search vendor "Mozilla" for product "Mozilla" and version "1.7.3"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7.5
Search vendor "Mozilla" for product "Mozilla" and version "1.7.5"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7.6
Search vendor "Mozilla" for product "Mozilla" and version "1.7.6"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7.7
Search vendor "Mozilla" for product "Mozilla" and version "1.7.7"
-
Affected
Mozilla
Search vendor "Mozilla"
 Mozilla
Search vendor "Mozilla" for product "Mozilla"
 1.7.8
Search vendor "Mozilla" for product "Mozilla" and version "1.7.8"
-
Affected