Skip to main content

Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

© 2026 Mondoo, Inc.

Log in Get Assessment

Vulnerability IntelligenceCVE-2005-2270

CVE-2005-2270

UNKNOWN

Firefox before 1

Published Jul 13, 2005

Modified 1 years ago

Details

Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone base objects, which allows remote attackers to execute arbitrary code by navigating the prototype chain to reach a privileged object.

References(26)

http://secunia.com/advisories/16043

http://secunia.com/advisories/16059

http://secunia.com/advisories/19823

http://securitytracker.com/id?1014470

http://www.ciac.org/ciac/bulletins/p-252.shtml

http://www.debian.org/security/2005/dsa-810

http://www.kb.cert.org/vuls/id/652366

http://www.mozilla.org/security/announce/mfsa2005-56.html

http://www.novell.com/linux/security/advisories/2005_18_sr.html

http://www.novell.com/linux/security/advisories/2005_45_mozilla.html

http://www.novell.com/linux/security/advisories/2006_04_25.html

http://www.redhat.com/support/errata/RHSA-2005-586.html

http://www.redhat.com/support/errata/RHSA-2005-587.html

http://www.redhat.com/support/errata/RHSA-2005-601.html

http://www.securityfocus.com/bid/14242

http://www.vupen.com/english/advisories/2005/1075

https://bugzilla.mozilla.org/show_bug.cgi?id=294795

https://bugzilla.mozilla.org/show_bug.cgi?id=294799

https://bugzilla.mozilla.org/show_bug.cgi?id=295011

https://bugzilla.mozilla.org/show_bug.cgi?id=296397

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=160202

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100003

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11751

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A550

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A817

CVSS Analysis

CVSS v2.0

7.5

Exploitability

Access Vector

NetworkAV:N

Access Complexity

LowAC:L

Authentication

NoneAu:N

Impact

Confidentiality

PartialC:P

Integrity

PartialI:P

Availability

PartialA:P

7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P

Ecosystems

Timeline

PublishedJul 13, 2005

ModifiedAug 7, 2024

CVE-2005-2270 | Mondoo Vulnerability Intelligence