Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2005-0401

Опубликовано: 02 мая 2005
Источник: ubuntu
Приоритет: untriaged
EPSS Низкий
CVSS2: 5.1

Описание

FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-2005-0527, aka "Firescrolling 2."

РелизСтатусПримечание
dapper

released

1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1
devel

released

2.0.0.6+1-0ubuntu1
edgy

released

2.0.0.6+0dfsg-0ubuntu0.6.10
feisty

released

2.0.0.6+1-0ubuntu1
upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

3.0~alpha7-0ubuntu6
edgy

DNE

feisty

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

0.5-0ubuntu4
edgy

DNE

feisty

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

0.1.6b-0ubuntu2
edgy

DNE

feisty

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

not-affected

devel

DNE

edgy

released

1.7.13-0.2ubuntu1
feisty

DNE

upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 88%
0.03853
Низкий

5.1 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2005-0401

redhat
около 20 лет назад

FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-2005-0527, aka "Firescrolling 2."

nvd логотип

CVE-2005-0401

nvd
около 20 лет назад

FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-2005-0527, aka "Firescrolling 2."

debian логотип

CVE-2005-0401

debian
около 20 лет назад

FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all ...

github логотип

GHSA-p4xc-fq3x-cx45

github
около 3 лет назад

FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-2005-0527, aka "Firescrolling 2."

EPSS

Процентиль: 88%
0.03853
Низкий

5.1 Medium

CVSS2