Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2005-2706 |
Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote attackers to execute Javascript with chrome privileges via an about: page such as about:mozilla. Published: September 23, 2005; 3:03:00 PM -0400 |
V3.x:(not available) V2.0: 6.4 MEDIUM |
CVE-2005-2707 |
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spawn windows without user interface components such as the address and status bar, which could be used to conduct spoofing or phishing attacks. Published: September 23, 2005; 3:03:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2005-2871 |
Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec. Published: September 09, 2005; 2:03:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2005-2395 |
Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the strongest authentication scheme available as required by RFC2617, which might cause credentials to be sent in plaintext even if an encrypted channel is available. Published: July 27, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2003-1492 |
Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end. Published: December 31, 2003; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |