CVE-2005-2270 Information

Description

Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone base objects which allows remote attackers to execute arbitrary code by navigating the prototype chain to reach a privileged object.

Reference

http://secunia.com/advisories/16043 http://secunia.com/advisories/16059 http://secunia.com/advisories/19823 http://securitytracker.com/id?1014470 http://www.ciac.org/ciac/bulletins/p-252.shtml http://www.debian.org/security/2005/dsa-810 http://www.kb.cert.org/vuls/id/652366 http://www.mozilla.org/security/announce/mfsa2005-56.html http://www.novell.com/linux/security/advisories/2005_18_sr.html http://www.novell.com/linux/security/advisories/2005_45_mozilla.html http://www.novell.com/linux/security/advisories/2006_04_25.html http://www.redhat.com/support/errata/RHSA-2005-586.html http://www.redhat.com/support/errata/RHSA-2005-587.html http://www.redhat.com/support/errata/RHSA-2005-601.html http://www.securityfocus.com/bid/14242 http://www.vupen.com/english/advisories/2005/1075 https://bugzilla.mozilla.org/show_bug.cgi?id=294795 https://bugzilla.mozilla.org/show_bug.cgi?id=294799 https://bugzilla.mozilla.org/show_bug.cgi?id=295011 https://bugzilla.mozilla.org/show_bug.cgi?id=296397 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=160202 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A100003 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11751 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A550 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A817