CVE-2005-2429

Firefox, when opening Microsoft Word documents, does not properly set the permissions on shared sections, which allows remote attackers to write arbitrary data to open applications in Microsoft Office.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://marc.info/?l=bugtraq&m=112248181422193&w=2
http://secunia.com/advisories/16256
http://www.osvdb.org/18484
https://exchange.xforce.ibmcloud.com/vulnerabilities/24346
http://marc.info/?l=bugtraq&m=112248181422193&w=2
http://secunia.com/advisories/16256
http://www.osvdb.org/18484
https://exchange.xforce.ibmcloud.com/vulnerabilities/24346

Configurations

Configuration 1 (hide)

cpe:2.3:a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*

History

20 Nov 2024, 23:59

Type	Values Removed	Values Added
References	~~() http://marc.info/?l=bugtraq&m=112248181422193&w=2 -~~	() http://marc.info/?l=bugtraq&m=112248181422193&w=2 -
References	~~() http://secunia.com/advisories/16256 -~~	() http://secunia.com/advisories/16256 -
References	~~() http://www.osvdb.org/18484 -~~	() http://www.osvdb.org/18484 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/24346 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/24346 -

Information

Published : 2005-08-03 04:00

Updated : 2024-11-20 23:59

NVD link : CVE-2005-2429

Mitre link : CVE-2005-2429

CVE.ORG link : CVE-2005-2429

JSON object : View

Products Affected

mozilla

firefox

CWE

NVD-CWE-Other

{"id": "CVE-2005-2429", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-08-03T04:00:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=112248181422193&w=2", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/16256", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/18484", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24346", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=112248181422193&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/16256", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/18484", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24346", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Firefox, when opening Microsoft Word documents, does not properly set the permissions on shared sections, which allows remote attackers to write arbitrary data to open applications in Microsoft Office."}, {"lang": "es", "value": "Firefox, cuando abre documentos de Microsoft Word, no fija adecuadamente los permisos en secciones compartidas, lo que permite que atacantes remotos escriban datos arbitrarios en aplicaciones abiertas en Microsoft Office."}], "lastModified": "2024-11-20T23:59:32.197", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B05D2655-6641-42BE-9793-30005AC9D40D"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}