CVE-2005-2707

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2005-2707
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spawn windows without user interface components such as the address and status bar, which could be used to conduct spoofing or phishing attacks.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://www.redhat.com/support/errata/RHSA-2005-785.html Patch Vendor Advisory
http://securitytracker.com/id?1014954
http://www.mozilla.org/security/announce/mfsa2005-59.html
http://www.mandriva.com/security/advisories?name=MDKSA-2005:169
http://www.mandriva.com/security/advisories?name=MDKSA-2005:170
http://www.mandriva.com/security/advisories?name=MDKSA-2005:174
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html
http://www.redhat.com/support/errata/RHSA-2005-789.html
http://www.securityfocus.com/bid/14919
http://secunia.com/advisories/16911
http://secunia.com/advisories/16917
http://www.debian.org/security/2005/dsa-868
http://www.redhat.com/support/errata/RHSA-2005-791.html
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
http://www.securityfocus.com/bid/15495
http://secunia.com/advisories/17042
http://secunia.com/advisories/17090
http://secunia.com/advisories/17149
http://secunia.com/advisories/17284
http://www.debian.org/security/2005/dsa-838
http://www.debian.org/security/2005/dsa-866
http://secunia.com/advisories/17026
http://secunia.com/advisories/17263
http://www.novell.com/linux/security/advisories/2005_58_mozilla.html
http://secunia.com/advisories/16977
http://secunia.com/advisories/17014
http://secunia.com/advisories/19823
http://www.vupen.com/english/advisories/2005/1824
http://www.novell.com/linux/security/advisories/2006_04_25.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/22380
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1197
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11130
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla_suite:1.7.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla_suite:1.7.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla_suite:1.7.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla_suite:1.7.7:*:*:*:*:*:*:*
Information

Published : 2005-09-23 12:03

Updated : 2017-10-10 18:30

NVD link : CVE-2005-2707

Mitre link : CVE-2005-2707

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

mozilla

  • firefox
  • mozilla_suite