CVE-2005-1477

The install function in Firefox 1.0.3 allows remote web sites on the browser's whitelist, such as update.mozilla.org or addon.mozilla.org, to execute arbitrary Javascript with chrome privileges, leading to arbitrary code execution on the system when combined with vulnerabilities such as CVE-2005-1476, as demonstrated using a javascript: URL as the package icon and a cross-site scripting (XSS) attack on a vulnerable whitelist site.

CVSS v2.0 5.1 MEDIUM

5.1^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability : 4.9 / Impact : 6.4

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
http://greyhatsecurity.org/firefox.htm	Exploit
http://greyhatsecurity.org/vulntests/ffrc.htm	Exploit
http://marc.info/?l=full-disclosure&m=111553138007647&w=2
http://marc.info/?l=full-disclosure&m=111556301530553&w=2
http://secunia.com/advisories/15292	Patch
http://securitytracker.com/id?1013913
http://www.kb.cert.org/vuls/id/648758	US Government Resource
http://www.mozilla.org/security/announce/mfsa2005-42.html
http://www.redhat.com/support/errata/RHSA-2005-434.html
http://www.redhat.com/support/errata/RHSA-2005-435.html
http://www.securityfocus.com/bid/13544
http://www.securityfocus.com/bid/15495
http://www.vupen.com/english/advisories/2005/0493
https://bugzilla.mozilla.org/show_bug.cgi?id=292691
https://bugzilla.mozilla.org/show_bug.cgi?id=293302
https://exchange.xforce.ibmcloud.com/vulnerabilities/20443
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100001
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9231

Configurations

Configuration 1 (hide)

cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*

History

No history.

Information

Published : 2005-05-09 04:00

Updated : 2024-02-28 10:42

NVD link : CVE-2005-1477

Mitre link : CVE-2005-1477

CVE.ORG link : CVE-2005-1477

JSON object : View

Products Affected

mozilla

firefox

CWE

NVD-CWE-Other

{"id": "CVE-2005-1477", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2005-05-09T04:00:00.000", "references": [{"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt", "source": "cve@mitre.org"}, {"url": "http://greyhatsecurity.org/firefox.htm", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://greyhatsecurity.org/vulntests/ffrc.htm", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=full-disclosure&m=111553138007647&w=2", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=full-disclosure&m=111556301530553&w=2", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/15292", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1013913", "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/648758", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.mozilla.org/security/announce/mfsa2005-42.html", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2005-434.html", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2005-435.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/13544", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/15495", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2005/0493", "source": "cve@mitre.org"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=292691", "source": "cve@mitre.org"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=293302", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20443", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100001", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9231", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The install function in Firefox 1.0.3 allows remote web sites on the browser's whitelist, such as update.mozilla.org or addon.mozilla.org, to execute arbitrary Javascript with chrome privileges, leading to arbitrary code execution on the system when combined with vulnerabilities such as CVE-2005-1476, as demonstrated using a javascript: URL as the package icon and a cross-site scripting (XSS) attack on a vulnerable whitelist site."}], "lastModified": "2017-10-11T01:30:08.827", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}