CVE-2005-0587

6.5 MEDIUM

Published: March 25, 2005 Modified: April 16, 2026

Description

Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/19823

Source: secalert@redhat.com

Broken Link

http://www.mozilla.org/security/announce/mfsa2005-21.html

Source: secalert@redhat.com

Vendor Advisory

http://www.novell.com/linux/security/advisories/2006_04_25.html

Source: secalert@redhat.com

Broken Link

http://www.securityfocus.com/bid/12659

Source: secalert@redhat.com

Broken Link Third Party Advisory VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100037

Source: secalert@redhat.com

Broken Link

http://secunia.com/advisories/19823