CVE-2005-1160

NameCVE-2005-1160
DescriptionThe privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
ReferencesDSA-781-1
NVD severitymedium (attack range: remote, user-initiated)
Debian Bugs318728
Debian/oldoldstablenot known to be vulnerable.
Debian/oldstablenot known to be vulnerable.
Debian/stablenot known to be vulnerable.
Debian/testingnot known to be vulnerable.
Debian/unstablenot known to be vulnerable.

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
mozillasource(unstable)2:1.7.7-1medium
mozilla-firefoxsource(unstable)1.0.3-1medium
mozilla-thunderbirdsource(unstable)1.0.6-1high318728
mozilla-thunderbirdsourcesarge1.0.2-2.sarge1.0.6mediumDSA-781-1

Search for package or bug name: Reporting problems