Launchpad CVE tracker

CVE 2005-2263

The InstallTrigger.install method in Firefox before 1.0.5 and Mozilla before 1.7.9 allows remote attackers to execute a callback function in the context of another domain by forcing a page navigation after the install method has been called, which causes the callback to be run in the context of the new page and results in a same origin violation.

Related bugs and status

CVE-2005-2263 (Candidate) is related to these bugs:

Bug #20648: Various security bugs unfixed in debian stable

Summary				In	Importance	Status
	20648	Various security bugs unfixed in debian stable		mozilla (Ubuntu)	High	Invalid
	20648	Various security bugs unfixed in debian stable		mozilla (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugzilla.mozil...
MISC: http://www.securityfoc...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.vupen.com/e...
MISC: http://www.debian.org/...
MISC: https://bugzilla.redha...
MISC: http://www.ciac.org/ci...
MISC: http://www.redhat.com/...
MISC: http://www.redhat.com/...
MISC: http://www.novell.com/...
MISC: http://www.novell.com/...
MISC: http://www.mozilla.org...
MISC: https://oval.cisecurit...
MISC: https://oval.cisecurit...
MISC: https://oval.cisecurit...
MISC: https://oval.cisecurit...
MISC: https://oval.cisecurit...

Launchpad.net

CVE 2005-2263

Related bugs and status

Related bugs

References