Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2005-0590

Date: February 28, 2005

The installation confirmation dialog in Firefox before 1.0.1, Thunderbird before 1.0.1, and Mozilla before 1.7.6 allows remote attackers to use InstallTrigger to spoof the hostname of the host performing the installation via a long "user:pass" sequence in the URL, which appears before the real hostname.

Severity Score

Related Resources (14)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10010
https://people.canonical.com/~ubuntu-security/cve/CVE-2005-0590
http://www.redhat.com/support/errata/RHSA-2005-176.html
http://www.redhat.com/support/errata/RHSA-2005-384.html
http://secunia.com/advisories/19823
http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml
http://www.novell.com/linux/security/advisories/2006_04_25.html
http://www.mozilla.org/security/announce/mfsa2005-17.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100041
http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml
https://nvd.nist.gov/vuln/detail/CVE-2005-0590
http://www.securityfocus.com/bid/12659
https://bugzilla.mozilla.org/show_bug.cgi?id=268059
https://www.mend.io/vulnerability-database/CVE-2005-0590

Severity Score

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): LOW
Availability (A): NONE

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): NONE
Integrity (I): PARTIAL
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us