CVE-2005-1186

medium

Description

Musicmatch Jukebox 10.00.2047 and earlier adds the musicmatch.com domain to the Trusted Sites zone in Internet Explorer, which allows systems in the domain to conduct unauthorized activities, as demonstrated using cross-site scripting (XSS) attacks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/20129

http://www.hyperdose.com/advisories/H2005-04.txt

http://securitytracker.com/id?1013718

http://seclists.org/lists/bugtraq/2005/Apr/0212.html

Details

Source: Mitre, NVD

Published: 2005-05-02

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00459