Rapid7 Vulnerability & Exploit Database

Mozilla Firefox XHTML Privilege Spoofing Vulnerability

Back to Search

Mozilla Firefox XHTML Privilege Spoofing Vulnerability

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

06/14/2005

Created

07/25/2018

Added

07/13/2005

Modified

02/13/2015

Description

Certain versions of Mozilla Firefox do not properly validate XHTML documents. As a result, a malicious web site operator can construct a page which confuses the browser into executing script code with elevated privileges; these privileges can in turn be used to install arbitrary software.

Solution(s)

mozilla-firefox-upgrade-latest

References

https://attackerkb.com/topics/cve-2005-1937
14242
652366
P-252
CVE - 2005-1937
CVE - 2005-2260
CVE - 2005-2261
CVE - 2005-2262
CVE - 2005-2263
CVE - 2005-2264
CVE - 2005-2265
CVE - 2005-2266
CVE - 2005-2267
CVE - 2005-2268
CVE - 2005-2269
CVE - 2005-2270
DSA-777
DSA-810
OVAL100003
OVAL100004
OVAL100005
OVAL100006
OVAL100007
OVAL100008
OVAL100009
OVAL100010
OVAL100011
OVAL100012
OVAL100013
OVAL100016
OVAL100107
OVAL10132
OVAL10397
OVAL10517
OVAL10633
OVAL10712
OVAL1073
OVAL10947
OVAL11097
OVAL11334
OVAL11629
OVAL1172
OVAL11751
OVAL1226
OVAL1258
OVAL1268
OVAL1281
OVAL1311
OVAL1313
OVAL1348
OVAL1415
OVAL417
OVAL550
OVAL637
OVAL729
OVAL742
OVAL759
OVAL773
OVAL781
OVAL808
OVAL817
OVAL9777
OVAL9887
RHSA-2005:586
RHSA-2005:587
RHSA-2005:601
SUSE-SA:2005:045
SUSE-SA:2006:004
SUSE-SA:2006:022
http://bugzilla.mozilla.org/show_bug.cgi?id=289940
http://www.frsirt.com/english/advisories/2005/1075
http://www.mikx.de/firewalling/
http://www.mozilla.org/security/announce/mfsa2005-45.html
http://www.mozilla.org/security/announce/mfsa2005-46.html
http://www.mozilla.org/security/announce/mfsa2005-47.html
http://www.mozilla.org/security/announce/mfsa2005-48.html
http://www.mozilla.org/security/announce/mfsa2005-49.html
http://www.mozilla.org/security/announce/mfsa2005-50.html
http://www.mozilla.org/security/announce/mfsa2005-51.html
http://www.mozilla.org/security/announce/mfsa2005-52.html
http://www.mozilla.org/security/announce/mfsa2005-53.html
http://www.mozilla.org/security/announce/mfsa2005-54.html
http://www.mozilla.org/security/announce/mfsa2005-55.html
http://www.mozilla.org/security/announce/mfsa2005-56.html
http://www.networksecurity.fi/advisories/netscape-multiple-issues.html
http://www.securiteam.com/securitynews/5ZP0E0UGAK.html
https://bugzilla.mozilla.org/show_bug.cgi?id=289940
https://bugzilla.mozilla.org/show_bug.cgi?id=292589
https://bugzilla.mozilla.org/show_bug.cgi?id=292591
https://bugzilla.mozilla.org/show_bug.cgi?id=293331
https://bugzilla.mozilla.org/show_bug.cgi?id=294074
https://bugzilla.mozilla.org/show_bug.cgi?id=294795
https://bugzilla.mozilla.org/show_bug.cgi?id=294799
https://bugzilla.mozilla.org/show_bug.cgi?id=295011
https://bugzilla.mozilla.org/show_bug.cgi?id=295854
https://bugzilla.mozilla.org/show_bug.cgi?id=296397
https://bugzilla.mozilla.org/show_bug.cgi?id=296850
https://bugzilla.mozilla.org/show_bug.cgi?id=298255
https://bugzilla.mozilla.org/show_bug.cgi?id=298892
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=160202
21332

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Mozilla Firefox XHTML Privilege Spoofing Vulnerability