CVE

Id
12737  
CVE No.
CVE-2005-1531  
Status
Candidate  
Description
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript: URLs, as demonstrated using (1) a javascript: URL in a view-source: URL, (2) a javascript: URL in a jar: URL, or (3) "a nested variant."  
Phase
Assigned (20050512)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
91816 12737 CVE-2005-1531 CONFIRM:http://www.mozilla.org/security/announce/mfsa2005-43.html  View
91817 12737 CVE-2005-1531 REDHAT:RHSA-2005:434  View
91818 12737 CVE-2005-1531 URL:http://www.redhat.com/support/errata/RHSA-2005-434.html  View
91819 12737 CVE-2005-1531 REDHAT:RHSA-2005:435  View
91820 12737 CVE-2005-1531 URL:http://www.redhat.com/support/errata/RHSA-2005-435.html  View
91821 12737 CVE-2005-1531 SCO:SCOSA-2005.49  View
91822 12737 CVE-2005-1531 URL:ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt  View
91823 12737 CVE-2005-1531 BID:15495  View
91824 12737 CVE-2005-1531 URL:http://www.securityfocus.com/bid/15495  View
91825 12737 CVE-2005-1531 BID:13641  View
91826 12737 CVE-2005-1531 URL:http://www.securityfocus.com/bid/13641  View
91827 12737 CVE-2005-1531 OVAL:oval:org.mitre.oval:def:10351  View
91828 12737 CVE-2005-1531 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10351  View
91829 12737 CVE-2005-1531 VUPEN:ADV-2005-0530  View
91830 12737 CVE-2005-1531 URL:http://www.vupen.com/english/advisories/2005/0530  View
91831 12737 CVE-2005-1531 OVAL:oval:org.mitre.oval:def:100015  View
91832 12737 CVE-2005-1531 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:100015  View
91833 12737 CVE-2005-1531 SECTRACK:1013962  View
91834 12737 CVE-2005-1531 URL:http://securitytracker.com/id?1013962  View
91835 12737 CVE-2005-1531 SECTRACK:1013963  View

Related JVN