FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2005-1477

This CVE name corresponds to:

Entered Topic
2005-05-11 mozilla -- code execution via javascript: IconURL vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2005-1477
Phase Assigned(20050509)

Description

The install function in Firefox 1.0.3 allows remote web sites on the browser's whitelist, such as update.mozilla.org or addon.mozilla.org, to execute arbitrary Javascript with chrome privileges, leading to arbitrary code execution on the system when combined with vulnerabilities such as CVE-2005-1476, as demonstrated using a javascript: URL as the package icon and a cross-site scripting (XSS) attack on a vulnerable whitelist site.

References

Source Reference
FULLDISC 20050508 Firefox Remote Compromise Leaked
FULLDISC 20050508 Firefox Remote Compromise Technical Details
MISC http://greyhatsecurity.org/firefox.htm
MISC http://greyhatsecurity.org/vulntests/ffrc.htm
CONFIRM http://www.mozilla.org/security/announce/mfsa2005-42.html
MISC https://bugzilla.mozilla.org/show_bug.cgi?id=293302
MISC https://bugzilla.mozilla.org/show_bug.cgi?id=292691
REDHAT RHSA-2005:434
REDHAT RHSA-2005:435
SCO SCOSA-2005.49
CERT-VN VU#648758
BID 13544
BID 15495
OVAL oval:org.mitre.oval:def:9231
VUPEN ADV-2005-0493
OVAL oval:org.mitre.oval:def:100001
SECTRACK 1013913
SECUNIA 15292
XF mozilla-javascript-code-execution(20443)