CVE-2005-2260

N/A Unknown

Published: July 13, 2005 Modified: April 16, 2026

Description

The browser user interface in Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 does not properly distinguish between user-generated events and untrusted synthetic events, which makes it easier for remote attackers to perform dangerous actions that normally could only be performed manually by the user.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://bugzilla.mozilla.org/show_bug.cgi?id=289940

Source: secalert@redhat.com

http://secunia.com/advisories/16043

Source: secalert@redhat.com

http://secunia.com/advisories/16044

Source: secalert@redhat.com

http://secunia.com/advisories/16059

Source: secalert@redhat.com

http://www.ciac.org/ciac/bulletins/p-252.shtml

Source: secalert@redhat.com

http://www.debian.org/security/2005/dsa-810

Source: secalert@redhat.com

http://www.mozilla.org/security/announce/mfsa2005-45.html

Source: secalert@redhat.com

Patch Vendor Advisory

http://www.networksecurity.fi/advisories/netscape-multiple-issues.html

Source: secalert@redhat.com

http://www.novell.com/linux/security/advisories/2005_18_sr.html

Source: secalert@redhat.com

http://www.novell.com/linux/security/advisories/2005_45_mozilla.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2005-586.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2005-587.html

Source: secalert@redhat.com

http://www.securityfocus.com/bid/14242

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2005/1075

Source: secalert@redhat.com

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=160202

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100013

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10132

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1226

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A742

Source: secalert@redhat.com

http://bugzilla.mozilla.org/show_bug.cgi?id=289940

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/16043

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/16044

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/16059

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ciac.org/ciac/bulletins/p-252.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2005/dsa-810

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mozilla.org/security/announce/mfsa2005-45.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://www.networksecurity.fi/advisories/netscape-multiple-issues.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/linux/security/advisories/2005_18_sr.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/linux/security/advisories/2005_45_mozilla.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2005-586.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2005-587.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/14242

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2005/1075

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=160202

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100013

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10132

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1226

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A742

Source: af854a3a-2127-422b-91ae-364da2661108

38 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

3.7%

88th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

mozilla