CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-0401

FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-2005-0527, aka "Firescrolling 2."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.039

EPSS Ranking 87.8%

CVSS Severity

CVSS v2 Score 5.1

References

Products affected by CVE-2005-0401

Mozilla » Firefox » Version: 0.10

cpe:2.3:a:mozilla:firefox:0.10
Mozilla » Firefox » Version: 0.10.1

cpe:2.3:a:mozilla:firefox:0.10.1
Mozilla » Firefox » Version: 0.8

cpe:2.3:a:mozilla:firefox:0.8
Mozilla » Firefox » Version: 0.9

cpe:2.3:a:mozilla:firefox:0.9
Mozilla » Firefox » Version: 0.9.1

cpe:2.3:a:mozilla:firefox:0.9.1
Mozilla » Firefox » Version: 0.9.2

cpe:2.3:a:mozilla:firefox:0.9.2
Mozilla » Firefox » Version: 0.9.3

cpe:2.3:a:mozilla:firefox:0.9.3
Mozilla » Firefox » Version: 1.0

cpe:2.3:a:mozilla:firefox:1.0
Mozilla » Mozilla » Version: 1.3

cpe:2.3:a:mozilla:mozilla:1.3
Mozilla » Mozilla » Version: 1.4

cpe:2.3:a:mozilla:mozilla:1.4
Mozilla » Mozilla » Version: 1.4.1

cpe:2.3:a:mozilla:mozilla:1.4.1
Mozilla » Mozilla » Version: 1.5

cpe:2.3:a:mozilla:mozilla:1.5
Mozilla » Mozilla » Version: 1.5.1

cpe:2.3:a:mozilla:mozilla:1.5.1
Mozilla » Mozilla » Version: 1.6

cpe:2.3:a:mozilla:mozilla:1.6
Mozilla » Mozilla » Version: 1.7

cpe:2.3:a:mozilla:mozilla:1.7
Mozilla » Mozilla » Version: 1.7.1

cpe:2.3:a:mozilla:mozilla:1.7.1
Mozilla » Mozilla » Version: 1.7.2

cpe:2.3:a:mozilla:mozilla:1.7.2
Mozilla » Mozilla » Version: 1.7.3

cpe:2.3:a:mozilla:mozilla:1.7.3
Mozilla » Mozilla » Version: 1.7.5

cpe:2.3:a:mozilla:mozilla:1.7.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-0401

Products

Pricing

Contact Us