CVE-2005-1532

NameCVE-2005-1532
DescriptionFirefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CVE-2005-1160.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-781-1
NVD severityhigh (attack range: remote)
Debian Bugs318728

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
mozillasource(unstable)2:1.7.8high
mozilla-firefoxsource(unstable)1.0.4high
mozilla-thunderbirdsource(unstable)1.0.6-1high318728
mozilla-thunderbirdsourcesarge1.0.2-2.sarge1.0.6mediumDSA-781-1

Search for package or bug name: Reporting problems