CVE-2005-1532

NameCVE-2005-1532
DescriptionFirefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CVE-2005-1160.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
ReferencesDSA-781-1
NVD severityhigh (attack range: remote)
Debian Bugs318728
Debian/oldstablenot known to be vulnerable.
Debian/stablenot known to be vulnerable.
Debian/testingnot known to be vulnerable.
Debian/unstablenot known to be vulnerable.

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
mozillasource(unstable)2:1.7.8high
mozilla-firefoxsource(unstable)1.0.4high
mozilla-thunderbirdsource(unstable)1.0.6-1high318728
mozilla-thunderbirdsourcesarge1.0.2-2.sarge1.0.6mediumDSA-781-1

Search for package or bug name: Reporting problems