CVE-2005-0143 : Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an in

Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a binary file from a trusted site, which could facilitate phishing attacks.

Published 2005-03-23 05:00:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2005-0143

Mozilla » Mozilla
cpe:2.3:a:mozilla:mozilla:*:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 0.9.6
cpe:2.3:a:mozilla:mozilla:0.9.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.0 Update RC1
cpe:2.3:a:mozilla:mozilla:1.0:rc1:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.0 Update RC2
cpe:2.3:a:mozilla:mozilla:1.0:rc2:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 0.9.7
cpe:2.3:a:mozilla:mozilla:0.9.7:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 0.9.9
cpe:2.3:a:mozilla:mozilla:0.9.9:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.0
cpe:2.3:a:mozilla:mozilla:1.0:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 0.9.5
cpe:2.3:a:mozilla:mozilla:0.9.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 0.9.8
cpe:2.3:a:mozilla:mozilla:0.9.8:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.0.1
cpe:2.3:a:mozilla:mozilla:1.0.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 0.9.3
cpe:2.3:a:mozilla:mozilla:0.9.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 0.9.4
cpe:2.3:a:mozilla:mozilla:0.9.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.1
cpe:2.3:a:mozilla:mozilla:1.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 0.9.2
cpe:2.3:a:mozilla:mozilla:0.9.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 0.9.2.1
cpe:2.3:a:mozilla:mozilla:0.9.2.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 0.9.4.1
cpe:2.3:a:mozilla:mozilla:0.9.4.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.1 Update Alpha
cpe:2.3:a:mozilla:mozilla:1.1:alpha:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.3
cpe:2.3:a:mozilla:mozilla:1.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.4 Update Alpha
cpe:2.3:a:mozilla:mozilla:1.4:alpha:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 0.9.48
cpe:2.3:a:mozilla:mozilla:0.9.48:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.2
cpe:2.3:a:mozilla:mozilla:1.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.2 Update Alpha
cpe:2.3:a:mozilla:mozilla:1.2:alpha:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 0.8
cpe:2.3:a:mozilla:mozilla:0.8:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.1 Update Beta
cpe:2.3:a:mozilla:mozilla:1.1:beta:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.3.1
cpe:2.3:a:mozilla:mozilla:1.3.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.4
cpe:2.3:a:mozilla:mozilla:1.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.4 Update Beta
cpe:2.3:a:mozilla:mozilla:1.4:beta:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 0.9.35
cpe:2.3:a:mozilla:mozilla:0.9.35:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.0.2
cpe:2.3:a:mozilla:mozilla:1.0.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.2.1
cpe:2.3:a:mozilla:mozilla:1.2.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.2 Update Beta
cpe:2.3:a:mozilla:mozilla:1.2:beta:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.4.1
cpe:2.3:a:mozilla:mozilla:1.4.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.4.2
cpe:2.3:a:mozilla:mozilla:1.4.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.5
cpe:2.3:a:mozilla:mozilla:1.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.6
cpe:2.3:a:mozilla:mozilla:1.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.7
cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.7.1
cpe:2.3:a:mozilla:mozilla:1.7.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.7.2
cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.7 Update RC3
cpe:2.3:a:mozilla:mozilla:1.7:rc3:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.7 Update Beta
cpe:2.3:a:mozilla:mozilla:1.7:beta:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.7 Update RC1
cpe:2.3:a:mozilla:mozilla:1.7:rc1:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.4.4
cpe:2.3:a:mozilla:mozilla:1.4.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.7 Update Alpha
cpe:2.3:a:mozilla:mozilla:1.7:alpha:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.5.1
cpe:2.3:a:mozilla:mozilla:1.5.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.7 Update RC2
cpe:2.3:a:mozilla:mozilla:1.7:rc2:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.7.3
cpe:2.3:a:mozilla:mozilla:1.7.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.5 Update Alpha
cpe:2.3:a:mozilla:mozilla:1.5:alpha:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.5 Update RC1
cpe:2.3:a:mozilla:mozilla:1.5:rc1:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.6 Update Alpha
cpe:2.3:a:mozilla:mozilla:1.6:alpha:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.6 Update Beta
cpe:2.3:a:mozilla:mozilla:1.6:beta:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.5 Update RC2
cpe:2.3:a:mozilla:mozilla:1.5:rc2:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.8 Update Alpha2
cpe:2.3:a:mozilla:mozilla:1.8:alpha2:*:*:*:*:*:*
Matching versions
Mozilla » Mozilla » Version: 1.7.5
cpe:2.3:a:mozilla:mozilla:1.7.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.9.2
cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.9.1
cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.8
cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.9
cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.9.3
cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.9 Update RC
cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.10.1
cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.10
cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.0
cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2005-0143

EPSS FAQ

0.77%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 71 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2005-0143

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
2.6	LOW	AV:N/AC:H/Au:N/C:N/I:P/A:N	4.9	2.9	NIST
Access Vector: Network Access Complexity: High Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

References for CVE-2005-0143

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100055

404 Not Found
http://www.redhat.com/support/errata/RHSA-2005-335.html

Patch;Vendor Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/12407

CVEs referencing this url
http://www.mozilla.org/security/announce/mfsa2005-03.html

Patch;Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=257308

257308 - Visual indicators of site security appear for the wrong site (lock icon)
Patch;Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/19166

Mozilla SSL lock spoofing CVE-2005-0143 Vulnerability Report
http://www.redhat.com/support/errata/RHSA-2005-384.html

CVEs referencing this url
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11297

404 Not Found

Jump to

Vulnerability Details : CVE-2005-0143

Products affected by CVE-2005-0143

Exploit prediction scoring system (EPSS) score for CVE-2005-0143

CVSS scores for CVE-2005-0143

References for CVE-2005-0143