CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-0588

Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:include and xsl:import tags in XSLT stylesheets to the current domain, which allows remote attackers to determine the existence of files on the local system.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 80.0%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2005-0588

Mozilla » Firefox » Version: 0.10

cpe:2.3:a:mozilla:firefox:0.10
Mozilla » Firefox » Version: 0.10.1

cpe:2.3:a:mozilla:firefox:0.10.1
Mozilla » Firefox » Version: 0.8

cpe:2.3:a:mozilla:firefox:0.8
Mozilla » Firefox » Version: 0.9

cpe:2.3:a:mozilla:firefox:0.9
Mozilla » Firefox » Version: 0.9.1

cpe:2.3:a:mozilla:firefox:0.9.1
Mozilla » Firefox » Version: 0.9.2

cpe:2.3:a:mozilla:firefox:0.9.2
Mozilla » Firefox » Version: 0.9.3

cpe:2.3:a:mozilla:firefox:0.9.3
Mozilla » Firefox » Version: 1.0

cpe:2.3:a:mozilla:firefox:1.0
Mozilla » Mozilla » Version: 1.3

cpe:2.3:a:mozilla:mozilla:1.3
Mozilla » Mozilla » Version: 1.4

cpe:2.3:a:mozilla:mozilla:1.4
Mozilla » Mozilla » Version: 1.4.1

cpe:2.3:a:mozilla:mozilla:1.4.1
Mozilla » Mozilla » Version: 1.5

cpe:2.3:a:mozilla:mozilla:1.5
Mozilla » Mozilla » Version: 1.5.1

cpe:2.3:a:mozilla:mozilla:1.5.1
Mozilla » Mozilla » Version: 1.6

cpe:2.3:a:mozilla:mozilla:1.6
Mozilla » Mozilla » Version: 1.7

cpe:2.3:a:mozilla:mozilla:1.7
Mozilla » Mozilla » Version: 1.7.1

cpe:2.3:a:mozilla:mozilla:1.7.1
Mozilla » Mozilla » Version: 1.7.2

cpe:2.3:a:mozilla:mozilla:1.7.2
Mozilla » Mozilla » Version: 1.7.3

cpe:2.3:a:mozilla:mozilla:1.7.3
Mozilla » Mozilla » Version: 1.7.5

cpe:2.3:a:mozilla:mozilla:1.7.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-0588

Products

Pricing

Contact Us