[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250038

 
 

909

 
 

195843

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-3089Date: (C)2005-09-28   (M)2023-12-22


Firefox 1.0.6 allows attackers to cause a denial of service (crash) via a Proxy Auto-Config (PAC) script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.6
Exploit Score: 4.9
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECTRACK-1014949
BID-14924
SECUNIA-16977
OSVDB-19615
FLSA-2006:168375
http://www.mozilla.org/products/firefox/releases/1.0.7.html
https://bugzilla.mozilla.org/show_bug.cgi?id=302100
mozillafirefox-proxy-dos(22371)
oval:org.mitre.oval:def:9280

CPE    7
cpe:/a:mozilla:firefox:1.0.6
cpe:/a:mozilla:firefox:1.0.4
cpe:/a:mozilla:firefox:1.0.5
cpe:/a:mozilla:firefox:1.0.2
...

© SecPod Technologies