Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2005-0989 | 5.0 |
The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method.
|
03-05-2018 - 01:29 | 02-05-2005 - 04:00 | |
CVE-2005-2269 | 7.5 |
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to
|
11-10-2017 - 01:30 | 13-07-2005 - 04:00 | |
CVE-2005-1159 | 7.5 |
The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the w
|
11-10-2017 - 01:30 | 02-05-2005 - 04:00 | |
CVE-2005-1160 | 5.1 |
The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval func
|
11-10-2017 - 01:30 | 02-05-2005 - 04:00 | |
CVE-2005-2266 | 5.0 |
Firefox before 1.0.5 and Mozilla before 1.7.9 allows a child frame to call top.focus and other methods in a parent frame, even when the parent is in a different domain, which violates the same origin policy and allows remote attackers to steal sensit
|
11-10-2017 - 01:30 | 13-07-2005 - 04:00 | |
CVE-2005-2261 | 7.5 |
Firefox before 1.0.5, Thunderbird before 1.0.5, Mozilla before 1.7.9, Netscape 8.0.2, and K-Meleon 0.9 runs XBL scripts even when Javascript has been disabled, which makes it easier for remote attackers to bypass such protection.
|
11-10-2017 - 01:30 | 13-07-2005 - 04:00 | |
CVE-2005-1532 | 7.5 |
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a va
|
11-10-2017 - 01:30 | 12-05-2005 - 04:00 | |
CVE-2005-2270 | 7.5 |
Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone base objects, which allows remote attackers to execute arbitrary code by navigating the prototype chain to reach a privileged object.
|
11-10-2017 - 01:30 | 13-07-2005 - 04:00 | |
CVE-2005-2265 | 5.0 |
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 allows remote attackers to cause a denial of service (access violation and crash), and possibly execute arbitrary code, by calling InstallVersion.compareTo with an object instead
|
11-10-2017 - 01:30 | 13-07-2005 - 04:00 |