CVE-2005-0591

critical

Description

Firefox before 1.0.1 allows remote attackers to spoof the (1) security and (2) download modal dialog boxes, which could be used to trick users into executing script or downloading and executing a file, aka "Firespoofing."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10039

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100042

https://exchange.xforce.ibmcloud.com/vulnerabilities/18864

https://bugzilla.mozilla.org/show_bug.cgi?id=260560

http://www.securityfocus.com/bid/12234

http://www.redhat.com/support/errata/RHSA-2005-384.html

http://www.redhat.com/support/errata/RHSA-2005-176.html

http://www.mozilla.org/security/announce/mfsa2005-16.html

http://www.mikx.de/index.php?p=7

http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml

http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml

http://secunia.com/advisories/13786

http://marc.info/?l=bugtraq&m=110547286002188&w=2

Details

Source: Mitre, NVD

Published: 2005-05-02

Updated: 2025-04-03

Risk Information

CVSS v2

Base Score: 2.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

EPSS

EPSS: 0.02392

Detections

Analytics