CVE-2005-2262

NameCVE-2005-2262
DescriptionFirefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers to execute arbitrary code by tricking the user into using the "Set As Wallpaper" (in Firefox) or "Set as Background" (in Netscape) context menu on an image URL that is really a javascript: URL with an eval statement, aka "Firewalling."
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
ReferencesDSA-779-1, DSA-779-2, DTSA-8-2
NVD severitymedium (attack range: remote, user-initiated)
Debian/oldoldstablenot known to be vulnerable.
Debian/oldstablenot known to be vulnerable.
Debian/stablenot known to be vulnerable.
Debian/testingnot known to be vulnerable.
Debian/unstablenot known to be vulnerable.

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
mozilla-firefoxsource(unstable)1.0.4-2sarge3medium
mozilla-firefoxsourceetch1.0.4-2sarge3mediumDTSA-8-2
mozilla-firefoxsourcesarge1.0.4-2sarge3mediumDSA-779-2

Search for package or bug name: Reporting problems