CVE-2005-1160

N/A Unknown

Published: May 02, 2005 Modified: April 16, 2026

Description

The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt

Source: secalert@redhat.com

http://secunia.com/advisories/14938

Source: secalert@redhat.com

Patch Vendor Advisory

http://secunia.com/advisories/14992

Source: secalert@redhat.com

Patch Vendor Advisory

http://secunia.com/advisories/19823

Source: secalert@redhat.com

http://www.gentoo.org/security/en/glsa/glsa-200504-18.xml

Source: secalert@redhat.com

Patch Vendor Advisory

http://www.mozilla.org/security/announce/mfsa2005-41.html

Source: secalert@redhat.com

Vendor Advisory

http://www.novell.com/linux/security/advisories/2006_04_25.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2005-383.html

Source: secalert@redhat.com

Patch Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-384.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2005-386.html

Source: secalert@redhat.com

Patch Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-601.html

Source: secalert@redhat.com

http://www.securityfocus.com/bid/13233

Source: secalert@redhat.com

http://www.securityfocus.com/bid/15495

Source: secalert@redhat.com

https://bugzilla.mozilla.org/show_bug.cgi?id=289074

Source: secalert@redhat.com

Patch

https://bugzilla.mozilla.org/show_bug.cgi?id=289083

Source: secalert@redhat.com

Patch

https://bugzilla.mozilla.org/show_bug.cgi?id=289961

Source: secalert@redhat.com

Patch

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100017

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11291

Source: secalert@redhat.com

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/14938

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://secunia.com/advisories/14992

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://secunia.com/advisories/19823

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.gentoo.org/security/en/glsa/glsa-200504-18.xml

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://www.mozilla.org/security/announce/mfsa2005-41.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.novell.com/linux/security/advisories/2006_04_25.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2005-383.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-384.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2005-386.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-601.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/13233

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/15495

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.mozilla.org/show_bug.cgi?id=289074

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://bugzilla.mozilla.org/show_bug.cgi?id=289083

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://bugzilla.mozilla.org/show_bug.cgi?id=289961

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100017

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11291

Source: af854a3a-2127-422b-91ae-364da2661108

36 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

4.3%

89th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

mozilla