VDB
CVE-2005-1476
CVE-2005-1476
PUBLISHED
CVSS 5.099999904632568 MEDIUM
Firefox 1.0.3 allows remote attackers to execute arbitrary Javascript in other domains by using an IFRAME and causing the browser to navigate to a previous javascript: URL, which can lead to arbitrary code execution when combined with CVE-2005-1477.
EPSS 49.76% · 97.9th percentile
Risk Scores
CVSS 2.0
5.099999904632568
EPSS Score
49.76%
97.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| mozilla | firefox | 0 |
| n/a | n/a | n/a |
Timeline
- CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Oct 30, 2023 EPSS Score
References
- VU#534710 third-party-advisory
- https://bugzilla.mozilla.org/show_bug.cgi?id=292691 url
- SCOSA-2005.49 vendor-advisory
- RHSA-2005:435 vendor-advisory
- 1013913 vdb
- 15292 third-party-advisory
- 15495 vdb
- https://bugzilla.mozilla.org/show_bug.cgi?id=293302 url
- 20050508 Firefox Remote Compromise Technical Details mailing-list
- 13544 vdb
- oval:org.mitre.oval:def:10045 vdb
- http://greyhatsecurity.org/vulntests/ffrc.htm url
- http://www.mozilla.org/security/announce/mfsa2005-42.html url
- mozilla-javascript-code-execution(20443) vdb
- oval:org.mitre.oval:def:100002 vdb
- http://greyhatsecurity.org/firefox.htm url
- RHSA-2005:434 vendor-advisory
- ADV-2005-0493 vdb
- 20050508 Firefox Remote Compromise Leaked mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2005-1476 advisory