CVE - CVE-2005-1937

CVE-ID
CVE-2005-1937	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary Javascript from one page into the frameset of another site, aka the frame injection spoofing vulnerability, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2004-0718.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:14242 URL:http://www.securityfocus.com/bid/14242 CONFIRM:http://www.mozilla.org/security/announce/mfsa2005-51.html CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=296850 DEBIAN:DSA-777 URL:http://www.debian.org/security/2005/dsa-777 DEBIAN:DSA-810 URL:http://www.debian.org/security/2005/dsa-810 FEDORA:FLSA:160202 URL:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=160202 MISC:http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/ OVAL:oval:org.mitre.oval:def:100007 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100007 OVAL:oval:org.mitre.oval:def:10633 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10633 OVAL:oval:org.mitre.oval:def:637 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A637 OVAL:oval:org.mitre.oval:def:759 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A759 REDHAT:RHSA-2005:586 URL:http://www.redhat.com/support/errata/RHSA-2005-586.html REDHAT:RHSA-2005:587 URL:http://www.redhat.com/support/errata/RHSA-2005-587.html SECUNIA:15601 URL:http://secunia.com/advisories/15601 SUNALERT:101952 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-26-101952-1~~ (Obsolete source) SUSE:SUSE-SA:2005:045 URL:http://www.novell.com/linux/security/advisories/2005_45_mozilla.html SUSE:SUSE-SR:2005:018 URL:http://www.novell.com/linux/security/advisories/2005_18_sr.html VUPEN:ADV-2005-1075 URL:~~http://www.vupen.com/english/advisories/2005/1075~~ (Obsolete source)
Assigning CNA
Debian GNU/Linux
Date Record Created
20050613	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20050613)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)