CVE-2005-2269
Gravedad CVSS v2.0:
ALTA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
13/07/2005
Última modificación:
03/04/2025
Descripción
*** Pendiente de traducción *** Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as demonstrated using an XHTML document with IMG tags with custom properties ("XHTML node spoofing").
Impacto
Puntuación base 2.0
7.50
Gravedad 2.0
ALTA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:mozilla:1.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:mozilla:1.4:*:*:*:*:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- http://secunia.com/advisories/16043
- http://secunia.com/advisories/16044
- http://secunia.com/advisories/16059
- http://secunia.com/advisories/19823
- http://www.ciac.org/ciac/bulletins/p-252.shtml
- http://www.debian.org/security/2005/dsa-810
- http://www.mozilla.org/security/announce/mfsa2005-55.html
- http://www.networksecurity.fi/advisories/netscape-multiple-issues.html
- http://www.novell.com/linux/security/advisories/2005_18_sr.html
- http://www.novell.com/linux/security/advisories/2005_45_mozilla.html
- http://www.novell.com/linux/security/advisories/2006_04_25.html
- http://www.redhat.com/support/errata/RHSA-2005-586.html
- http://www.redhat.com/support/errata/RHSA-2005-587.html
- http://www.redhat.com/support/errata/RHSA-2005-601.html
- http://www.securityfocus.com/bid/14242
- http://www.vupen.com/english/advisories/2005/1075
- https://bugzilla.mozilla.org/show_bug.cgi?id=298892
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=160202
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100004
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100005
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100011
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1258
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A729
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9777
- http://secunia.com/advisories/16043
- http://secunia.com/advisories/16044
- http://secunia.com/advisories/16059
- http://secunia.com/advisories/19823
- http://www.ciac.org/ciac/bulletins/p-252.shtml
- http://www.debian.org/security/2005/dsa-810
- http://www.mozilla.org/security/announce/mfsa2005-55.html
- http://www.networksecurity.fi/advisories/netscape-multiple-issues.html
- http://www.novell.com/linux/security/advisories/2005_18_sr.html
- http://www.novell.com/linux/security/advisories/2005_45_mozilla.html
- http://www.novell.com/linux/security/advisories/2006_04_25.html
- http://www.redhat.com/support/errata/RHSA-2005-586.html
- http://www.redhat.com/support/errata/RHSA-2005-587.html
- http://www.redhat.com/support/errata/RHSA-2005-601.html
- http://www.securityfocus.com/bid/14242
- http://www.vupen.com/english/advisories/2005/1075
- https://bugzilla.mozilla.org/show_bug.cgi?id=298892
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=160202
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100004
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100005
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100011
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1258
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A729
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9777