Arbitrary Code Execution Vulnerability in Firefox, Mozilla Suite, and Netscape
CVE-2005-1156

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Mozilla; Navigator
Vendor: CVE Published:; 2 May 2005

What is CVE-2005-1156?

A vulnerability in Firefox, Mozilla Suite, and Netscape allows remote attackers to execute arbitrary scripts and code. This is exploited through a malicious search plugin that utilizes the sidebar.addSearchEngine functionality, compromising user security. Keeping your software updated is crucial to protect against such vulnerabilities.

References

http://www.redhat.com/support/errata/RHSA-2005-386.html

vendor-advisoryx_refsource_REDHAT

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://secunia.com/advisories/14992

third-party-advisoryx_refsource_SECUNIA

EPSS Score

6% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Apr 18, 2005