CVE-2005-2265

Mozilla Firefox - Denial of Service

Title source: rule

Description

Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 allows remote attackers to cause a denial of service (access violation and crash), and possibly execute arbitrary code, by calling InstallVersion.compareTo with an object instead of a string.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16306

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by H D Moore · rubyremotewindows

https://www.exploit-db.com/exploits/9947

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by hdm · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/browser/mozilla_compareto.rb

View Code ZIP pw:eip

References (22)

[Third Party Advisory, US Government Resource] http://www.ciac.org/ciac/bulletins/p-252.shtml

[Third Party Advisory] http://www.debian.org/security/2005/dsa-810

[Patch, Vendor Advisory] http://www.mozilla.org/security/announce/mfsa2005-50.html

[Various Sources] http://www.networksecurity.fi/advisories/netscape-multiple-issues.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/14242

[Exploit, Vendor Advisory] https://bugzilla.mozilla.org/show_bug.cgi?id=295854

[Issue Tracking] https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=160202

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A781

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2005-586.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2005-587.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2005-601.html

[Vendor Advisory] http://www.novell.com/linux/security/advisories/2005_18_sr.html

[Vendor Advisory] http://www.novell.com/linux/security/advisories/2005_45_mozilla.html

[Vendor Advisory] http://www.novell.com/linux/security/advisories/2006_04_25.html

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100008

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10397

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A417

[Third Party Advisory] http://secunia.com/advisories/16043

[Third Party Advisory] http://secunia.com/advisories/16044

[Third Party Advisory] http://secunia.com/advisories/16059

... and 2 more

Scores

EPSS 0.8204

EPSS Percentile 99.2%

Details

Status published

Products (26)

mozilla/firefox 0.8

mozilla/firefox 0.9 (2 CPE variants)

mozilla/firefox 0.9.1

mozilla/firefox 0.9.2

mozilla/firefox 0.9.3

mozilla/firefox 0.10

mozilla/firefox 0.10.1

mozilla/firefox 1.0

mozilla/firefox 1.0.1

mozilla/firefox 1.0.2

... and 16 more

Published Jul 13, 2005

Tracked Since Feb 18, 2026