Arbitrary Code Execution Vulnerability in Firefox, Mozilla Suite, and Netscape
CVE-2005-1156

Currently unrated

Key Information:

Vendor
Mozilla
Status
Firefox
Mozilla
Navigator
Vendor
CVE Published:
2 May 2005

Summary

A vulnerability in Firefox, Mozilla Suite, and Netscape allows remote attackers to execute arbitrary scripts and code. This is exploited through a malicious search plugin that utilizes the sidebar.addSearchEngine functionality, compromising user security. Keeping your software updated is crucial to protect against such vulnerabilities.

References

http://www.redhat.com/support/errata/RHSA-2005-386.html
vendor-advisoryx_refsource_REDHAT
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://secunia.com/advisories/14992
third-party-advisoryx_refsource_SECUNIA

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2005-1156 : Arbitrary Code Execution Vulnerability in Firefox, Mozilla Suite, and Netscape | SecurityVulnerability.io