Vulnerability Details : CVE-2005-2262
Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers to execute arbitrary code by tricking the user into using the "Set As Wallpaper" (in Firefox) or "Set as Background" (in Netscape) context menu on an image URL that is really a javascript: URL with an eval statement, aka "Firewalling."
Vulnerability category: Execute code
Products affected by CVE-2005-2262
- cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-2262
43.15%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2005-2262
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.1
|
MEDIUM | AV:N/AC:H/Au:N/C:P/I:P/A:P |
4.9
|
6.4
|
NIST |
References for CVE-2005-2262
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100011
-
http://www.ciac.org/ciac/bulletins/p-252.shtml
-
http://www.novell.com/linux/security/advisories/2005_18_sr.html
404 Page Not Found | SUSE
-
http://www.networksecurity.fi/advisories/netscape-multiple-issues.html
-
http://www.mikx.de/firewalling/
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11097
-
http://www.vupen.com/english/advisories/2005/1075
-
http://www.redhat.com/support/errata/RHSA-2005-586.html
-
http://www.securiteam.com/securitynews/5ZP0E0UGAK.html
-
http://www.novell.com/linux/security/advisories/2005_45_mozilla.html
-
http://www.securityfocus.com/bid/14242
Mozilla Suite, Firefox And Thunderbird Multiple Vulnerabilities
-
http://www.mozilla.org/security/announce/mfsa2005-47.html
Jump to