Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2005-2702

Disclosure Date: September 23, 2005
CVE-2005-2702
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Unicode sequences with “zero-width non-joiner” characters.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • mozilla

Products

  • firefox,
  • firefox 1.0,
  • firefox 1.0.1,
  • firefox 1.0.2,
  • firefox 1.0.3,
  • firefox 1.0.4,
  • firefox 1.0.5,
  • mozilla suite,
  • mozilla suite 1.7.10,
  • mozilla suite 1.7.6,
  • mozilla suite 1.7.7,
  • mozilla suite 1.7.8

References

Canonical
CVE-2005-2702 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2702)
BID-14918 (http://www.securityfocus.com/bid/14918)
BID-15495 (http://www.securityfocus.com/bid/15495)
Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:169
DSA-868 (http://www.debian.org/security/2005/dsa-868)
ADV-2005-1824 (http://www.vupen.com/english/advisories/2005/1824)
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html
SECTRACK-1014954 (http://securitytracker.com/id?1014954)
http://www.redhat.com/support/errata/RHSA-2005-789.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11609
SECUNIA-17026 (http://secunia.com/advisories/17026)
http://www.redhat.com/support/errata/RHSA-2005-791.html
USN-200-1 (http://www.ubuntu.com/usn/usn-200-1)
SECUNIA-17042 (http://secunia.com/advisories/17042)
DSA-866 (http://www.debian.org/security/2005/dsa-866)
XF-mozilla-zerowidthnonjoiner-stack-corruption(22375) (https://exchange.xforce.ibmcloud.com/vulnerabilities/22375)
http://www.mozilla.org/security/announce/mfsa2005-58.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1150
SECUNIA-17284 (http://secunia.com/advisories/17284)
SECUNIA-17149 (http://secunia.com/advisories/17149)
SECUNIA-17263 (http://secunia.com/advisories/17263)
SECUNIA-16917 (http://secunia.com/advisories/16917)
DSA-838 (http://www.debian.org/security/2005/dsa-838)
SECUNIA-17014 (http://secunia.com/advisories/17014)
http://www.redhat.com/support/errata/RHSA-2005-785.html
http://www.novell.com/linux/security/advisories/2005_58_mozilla.html
http://www.mandriva.com/security/advisories?name=MDKSA-2005:174
SECUNIA-17090 (http://secunia.com/advisories/17090)
SECUNIA-16911 (http://secunia.com/advisories/16911)
SECUNIA-16977 (http://secunia.com/advisories/16977)
http://www.mandriva.com/security/advisories?name=MDKSA-2005:170

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis