CVE-2005-1477

Impact:
Important
Public Date:
2005-05-08
Bugzilla:
1617652: CVE-2005-1477 security flaw

The MITRE CVE dictionary describes this issue as:

The install function in Firefox 1.0.3 allows remote web sites on the browser's whitelist, such as update.mozilla.org or addon.mozilla.org, to execute arbitrary Javascript with chrome privileges, leading to arbitrary code execution on the system when combined with vulnerabilities such as CVE-2005-1476, as demonstrated using a javascript: URL as the package icon and a cross-site scripting (XSS) attack on a vulnerable whitelist site.

Find out more about CVE-2005-1477 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 3 (mozilla) RHSA-2005:435 2005-05-23
Red Hat Enterprise Linux 4 RHSA-2005:435 2005-05-23
Red Hat Enterprise Linux 4 (firefox) RHSA-2005:434 2005-05-23
Red Hat Enterprise Linux 2.1 RHSA-2005:435 2005-05-23

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.