Home > Vulnerability Database > CVE-2005-2260

Mend.io Vulnerability Database

CVE-2005-2260

Date: July 12, 2005

The browser user interface in Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 does not properly distinguish between user-generated events and untrusted synthetic events, which makes it easier for remote attackers to perform dangerous actions that normally could only be performed manually by the user.

Severity Score

7.3

Related Resources (22)

Url: http://www.redhat.com/support/errata/RHSA-2005-587.html

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2005-2260

Url: http://www.novell.com/linux/security/advisories/2005_18_sr.html

Url: http://www.debian.org/security/2005/dsa-810

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1226

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10132

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A742

Url: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=160202

Url: http://www.networksecurity.fi/advisories/netscape-multiple-issues.html

Url: http://www.redhat.com/support/errata/RHSA-2005-586.html

Url: http://www.securityfocus.com/bid/14242

Url: http://www.ciac.org/ciac/bulletins/p-252.shtml

Url: http://www.mozilla.org/security/announce/mfsa2005-45.html

Url: http://www.novell.com/linux/security/advisories/2005_45_mozilla.html

Url: http://secunia.com/advisories/16059

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100013

Url: http://secunia.com/advisories/16044

Url: http://secunia.com/advisories/16043

Url: http://www.vupen.com/english/advisories/2005/1075

Url: https://nvd.nist.gov/vuln/detail/CVE-2005-2260

Url: http://bugzilla.mozilla.org/show_bug.cgi?id=289940

Url: https://www.mend.io/vulnerability-database/CVE-2005-2260

Severity Score

7.3

CVSS v3.1

Base Score:	7.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	7.5
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2005-2260

Date: July 12, 2005

Severity Score

Related Resources (22)

Severity Score

CVSS v3.1

CVSS v2

Do you need more information?