CVE-2005-0150

Published: May 26, 2005Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Firefox before 1.0 allows the user to store a (1) javascript: or (2) data: URLs as a Livefeed bookmark, then executes it in the security context of the currently loaded page when the user later accesses the bookmark, which could allow remote attackers to execute arbitrary code.

Affected (9)

Products: Mozilla: Firefox

1 product

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Version 0.10.1
Mozilla Firefox	Version 0.10
Mozilla Firefox	Version 0.8
Mozilla Firefox	Version 0.9.1
Mozilla Firefox	Version 0.9.2
Mozilla Firefox	Version 0.9.3
Mozilla Firefox	Version 0.9
Mozilla Firefox	Version 0.9 rc
Mozilla Firefox	Version 1.0

References (10)

http://www.mozilla.org/security/announce/mfsa2005-12.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/12407

Source: cve@mitre.org

https://bugzilla.mozilla.org/show_bug.cgi?id=265668

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/19187

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100046

Source: cve@mitre.org

http://www.mozilla.org/security/announce/mfsa2005-12.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/12407

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.mozilla.org/show_bug.cgi?id=265668

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/19187

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100046

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.