| Vulnerability Name: | CVE-2005-1477 (CCN-20443) | ||||||||||||||||||||
| Assigned: | 2005-05-08 | ||||||||||||||||||||
| Published: | 2005-05-08 | ||||||||||||||||||||
| Updated: | 2017-10-11 | ||||||||||||||||||||
| Summary: | The install function in Firefox 1.0.3 allows remote web sites on the browser's whitelist, such as update.mozilla.org or addon.mozilla.org, to execute arbitrary Javascript with chrome privileges, leading to arbitrary code execution on the system when combined with vulnerabilities such as CVE-2005-1476, as demonstrated using a javascript: URL as the package icon and a cross-site scripting (XSS) attack on a vulnerable whitelist site. | ||||||||||||||||||||
| CVSS v3 Severity: | 5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||||||||||
| CVSS v2 Severity: | 5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P) 4.2 Medium (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)
4.2 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)
| ||||||||||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||||||
| References: | Source: SCO Type: UNKNOWN SCOSA-2005.49 Source: MITRE Type: CNA CVE-2005-1476 Source: MITRE Type: CNA CVE-2005-1477 Source: MISC Type: Exploit http://greyhatsecurity.org/firefox.htm Source: MISC Type: Exploit http://greyhatsecurity.org/vulntests/ffrc.htm Source: FULLDISC Type: UNKNOWN 20050508 Firefox Remote Compromise Leaked Source: FULLDISC Type: UNKNOWN 20050508 Firefox Remote Compromise Technical Details Source: CCN Type: RHSA-2005-434 firefox security update Source: CCN Type: RHSA-2005-435 mozilla security update Source: CCN Type: SA15292 Mozilla Firefox Two Vulnerabilities Source: SECUNIA Type: Patch 15292 Source: CCN Type: SECTRACK ID: 1013913 Firefox onload() History Access Bug and Install Function Scripting Execution Flaw Lets Remote Users Execute Arbitrary Code Source: SECTRACK Type: UNKNOWN 1013913 Source: CCN Type: CIAC INFORMATION BULLETIN P-206 Mozilla & Firefox Security Update Source: CCN Type: GLSA-200505-11 Mozilla Suite, Mozilla Firefox: Remote compromise Source: CCN Type: US-CERT VU#534710 Mozilla fails to properly prevent JavaScript: URIs containing eval() from being executed in the context of other URIs in the history list Source: CCN Type: US-CERT VU#648758 Mozilla Firefox executes JavaScript in the IconURL parameter of InstallTrigger.install() with chrome privileges Source: CERT-VN Type: US Government Resource VU#648758 Source: CCN Type: MFSA 2005-42 Code execution via javascript IconURL Source: CONFIRM Type: UNKNOWN http://www.mozilla.org/security/announce/mfsa2005-42.html Source: REDHAT Type: UNKNOWN RHSA-2005:434 Source: REDHAT Type: UNKNOWN RHSA-2005:435 Source: BID Type: UNKNOWN 13544 Source: CCN Type: BID-13544 Mozilla Firefox Install Method Remote Arbitrary Code Execution Vulnerability Source: BID Type: UNKNOWN 15495 Source: CCN Type: BID-15495 SCO OpenServer Release 5.0.7 Maintenance Pack 4 Released - Multiple Vulnerabilities Fixed Source: VUPEN Type: UNKNOWN ADV-2005-0493 Source: MISC Type: UNKNOWN https://bugzilla.mozilla.org/show_bug.cgi?id=292691 Source: CCN Type: Mozilla.org Web site Bugzilla Bug 293302 - Firefox 1.0.3 Critical Vulnerability Source: MISC Type: UNKNOWN https://bugzilla.mozilla.org/show_bug.cgi?id=293302 Source: XF Type: UNKNOWN mozilla-javascript-code-execution(20443) Source: XF Type: UNKNOWN mozilla-javascript-code-execution(20443) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:100001 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:9231 | ||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration RedHat 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||
| |||||||||||||||||||||
| BACK | |||||||||||||||||||||