CVE-2005-0231 in Thunderbirdinfo

Summary

Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing."

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

02/07/2005

Disclosure

02/07/2005

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
1292	Mozilla Thunderbird javascript URI Drag / Drop memory corruption	119	Proof-of-Concept	Official fix	CVE-2005-0231
1208	Netscape Browser URI Drag / Drop memory corruption	119	Proof-of-Concept	Official fix	CVE-2005-0231
1185	Mozilla Firefox javascript URI Drag / Drop memory corruption	119	Proof-of-Concept	Official fix	CVE-2005-0231
1184	Mozilla Firefox javascript URI Drag / Drop denial of service	404	Proof-of-Concept	Official fix	CVE-2005-0231

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

◂ PreviousOverviewNext ▸

Might our Artificial Intelligence support you?

Check our Alexa App!