1. Home
  2. CVE Database
  3. CVE-2005-2706
MEDIUM · 6.4

CVE-2005-2706

Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote attackers to execute Javascript with chrome privileges via an about: page such as about:mozilla.

Vulnerability Description

Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote attackers to execute Javascript with chrome privileges via an about: page such as about:mozilla.

CVSS Score

6.4

MEDIUM

AV:N/AC:L/Au:N/C:P/I:P/A:N
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
MozillaFirefox<= 1.0.6
MozillaMozilla Suite<= 1.7.11

References

FAQ

What is CVE-2005-2706?

CVE-2005-2706 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote attackers to execute Javascript with chrome privileges via an about: page such as about:mozilla.

How severe is CVE-2005-2706?

CVE-2005-2706 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2005-2706?

Check the references section above for vendor advisories and patch information. Affected products include: Mozilla Firefox, Mozilla Mozilla Suite.