1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
PublicDate: 2005-05-12
Candidate: CVE-2005-1531
References:
http://www.ubuntu.com/usn/usn-155-1
http://www.ubuntu.com/usn/usn-149-3
http://www.ubuntu.com/usn/usn-134-1
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1531
Description:
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly
implement certain security checks for script injection, which allows remote
attackers to execute script via "Wrapped" javascript: URLs, as demonstrated
using (1) a javascript: URL in a view-source: URL, (2) a javascript: URL in
a jar: URL, or (3) "a nested variant."
Ubuntu-Description:
Notes:
Bugs:
dapper_midbrowser: DNE
edgy_midbrowser: DNE
feisty_midbrowser: DNE
devel_midbrowser: released (0.1.6b-0ubuntu2)
dapper_lightning-sunbird: DNE
edgy_lightning-sunbird: DNE
feisty_lightning-sunbird: DNE
devel_lightning-sunbird: released (0.5-0ubuntu4)
dapper_mozilla: not-affected
edgy_mozilla: released (1.7.13-0.2ubuntu1)
feisty_mozilla: DNE
devel_mozilla: DNE
dapper_firefox-granparadiso: DNE
edgy_firefox-granparadiso: DNE
feisty_firefox-granparadiso: DNE
devel_firefox-granparadiso: released (3.0~alpha7-0ubuntu6)
dapper_firefox: not-affected
edgy_firefox: not-affected
feisty_firefox: not-affected
devel_firefox: not-affected
upstream_firefox:
upstream_firefox-granparadiso:
upstream_lightning-sunbird:
upstream_midbrowser:
upstream_mozilla:
|