CVE-2005-0587

Description

Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file.

Risk Information

Base Score

6.5

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

EPSS Score

Exploitation Probability

1.084

Associated Vulnerability

Vulnerability	OS Platform
Multiple vulnerabilities affected in Mozilla Firefox (x64) 1.0	Windows
Multiple vulnerabilities affected in Mozilla_Firefox 1.0	Windows
Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 0.10.1	Windows
Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 0.8	Windows
Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 0.9	Windows
Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 0.9.1	Windows
Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 0.9.2	Windows
Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 0.9.3	Windows
Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 1.0	Windows
Multiple Vulnerabilities are affected in Mozilla_Firefox 0.10.1	Windows
Multiple Vulnerabilities are affected in Mozilla_Firefox 0.8	Windows
Multiple Vulnerabilities are affected in Mozilla_Firefox 0.9	Windows
Multiple Vulnerabilities are affected in Mozilla_Firefox 0.9.1	Windows
Multiple Vulnerabilities are affected in Mozilla_Firefox 0.9.2	Windows
Multiple Vulnerabilities are affected in Mozilla_Firefox 0.9.3	Windows
Multiple Vulnerabilities are affected in Mozilla_Firefox 1.0	Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-343016	Mozilla Firefox (x64) (132.0.2)
PATCH-343015	Mozilla Firefox (132.0.2)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234